PayPal Security Advisory phishing email

PayPal Security Advisory phishing email

From today’s scam emails we have pulled a detailed phishing email targeting PayPal users. This phishing email is uses the guise of a security advisory. Although detailed, the phishing email follows a standard line. Limitations are imposed on your PayPal account. Verify your account information and the limitations are removed. This is another scam email.

Figure A shows the email in full. “Security Center Advisory!” is the eye-catching subject line. “PayPal” is the sender of the email. The email domain appears to be a PayPal domain. In this case the email was spoofed. There are four links in the email. One is a valid PayPal link. The other three are to a malicious site. The main link has the anchor text “Click here to Remove Limitations”.

A PayPal logo located in the top left hand corner is a link to the malicious site. A third malicious link is at the foot of the email. The right hand side of the email contains a text box. This text box has information on protecting your PayPal account and protecting your password. These add realism to the email. The look and feel of the email resembles a genuine PayPal email.

Figure A - Click to Enlarge
Figure A – Click to Enlarge

The reason behind the email is to warn the user of incomplete information. Further down the email also warns of suspected fraud on the user’s PayPal account. The user is invited to click on the link. Doing this (the email says) will enable the user to restore access to their account. The user is further warned that their PayPal account may be disabled, if they do not verify their account.

Whilst the email looks realistic, it is a fake. There are a few signs. One sign is the greeting used by the email: there isn’t one. PayPal emails do address you by name. Another sign is the grammar. There are several grammatical errors in the email. The main sign are the links. Three of the four links lead to a malicious site. This site is a phishing site, and will steal your PayPal login credentials. Delete this email.

Scott Reeves
MailShark
Free anti-spam service
Free email filter service

Share This Post

Post Comment