Confirm Information says phishing email

There is a large phishing campaign underway, targeting PayPal users. PayPal is a popular method of making online payments. This success also makes PayPal users a target for criminals seeking to steal bank account information. This week we have stopped several variants of PayPal phishing emails. The volume of PayPal phishing emails has outstripped other phishing emails.

Figure A is the latest exhibit. As a phishing email it is moderate. A copy of the PayPal logo is present in the left hand corner. “Dear User” is the greeting used. The subject of the email is “Your account has been Iimited untiI we hear from you”. Limited is misspelt; an “I” is used instead of an “l”. Until is also misspelt.

The sender of the email is “PayPal Inc”, although checking the email domain shows that it does not originate from PayPal. The email kicks off with the heading “You Must Confirm Your Information!”. The email subject line and the heading pressure the recipient into performing an action. The email has a single link, with the anchor text “Clik Here to Confirm Your Account Information”. Click is misspelt. There is a simple copyright notice at the foot of the email.

MailShark Confirm Information says phishing email — Figure A – Click to Enlarge

The email subject line and the heading indicate that action is required. The email states that the recipient must confirm their information “To Save It”. This pressures the recipient to click on the link. This will enable the user to proceed with account confirmation.

There are a few signs this email is a fake. As mentioned earlier, the domain of the email is not a PayPal domain. The email uses a generic greeting. There are punctuation errors. And finally, the link does not lead to PayPal, but to a phishing site. This is a common attack used by criminals.

Scott Reeves
MailShark
Free anti-spam service
Free email filter service