PayPal phishing email says not spam

PayPal phishing email says not spam

Once again, we found a phishing email masquerading as being from Paypal. This phish resembles previous phishing emails; it claims that it is not spam. This is a ruse. It is a brazen attempt at authenticity. The email does trot out the usual line: someone has been using your account, therefore we have locked it. Please click on this link to update your PayPal details. Or verify your PayPal details. Here’s a newsflash: the email is not from PayPal. It is the latest in a long string of phishing emails. Do not click on the link; delete the email if you receive it.

Figure A shows the email. The subject line of the email is “Account verification”. The sender is “PayPal services”. The email domain name resembles the genuine PayPal domain insofar as it contains the string “paypal”. This is to add authenticity to the email. The greeting used is “Dear PayPal users”. There are two links in the email. The links are to a domain name that looks like the genuine PayPal domain. Again, this adds a realistic look to the email.

As mentioned the email follows a typical phishing email format. Your PayPal account has been locked. You need to do something about it in the next two days, otherwise your account will be suspended. This type of “call to action” is another feature of phishing emails. What sets this aside from other PayPal phishing emails is the bold statement that it is not spam. According to the email, you can move it out of your spam folder.

It is a trick. The email is not from PayPal. The greeting is not personalised. PayPal will use a personalised greeting. The links in the email do not lead to the genuine PayPal site. They lead to a phishing site. The phishing site is a realistic copy of the genuine PayPal site. It steals account details.

Scott Reeves
MailShark
Free anti-spam service
Free email filter service