Validate information says Phishing email
The phish of the day is another PayPal phishing email. It’s not complex, but it’s not simple either. More middle of the road. Read on to see our phish of the day.
At least the email opens in an excited fashion, as you can see in Figure A. We will look at the content of the email shortly. A crude copy of the real PayPal logo is at the top left hand corner of the email. The subject line of the email is “Your Paypal Account has Been limited”. The sender of the email is “Paypal Inc.” One link is present in the email. The anchor text used for the link is “Log into my account”. There are no other features, branding or logos used.
“Thank you for using PayPal” is the opening line of this email. From there we head downhill rapidly. The email tells you that your PayPal account has restrictions. The email implies this is a follow up email. The email states that you have not replied to the first email. This is a trick. The email wants to plant fear of being hacked. The idea is that you will not look at the email, but instead click on the link. The email reinforces the sense of urgency by requesting you “update your account”. Your account can be validated by clicking on the link.
As you may have guessed, this email is a fake. Although the email greeting is friendly (cheerful even), this is a ruse. PayPal uses the name of the account holder. They may add a line afterwards saying thanks for using PayPal, but they will have a personalized greeting. Another sign is the awkward grammar. Finally, the link in the email is not a PayPal link. The link is to a phishing site.