Hello Dear begins PayPal phishing email
Not all phishing emails omit salutations, and not all the emails we pull from our spam filters are of great quality. Today we present a phishing email that has a salutation, but lacks the authenticity of some of the previous PayPal phishing emails presented previously. The email begins with an almost affectionate “Hello Dear”.
Figure A shows the email. We didn’t see too many samples of this in quarantine; possibly the scammers realised it wasn’t a particularly high quality phish and abandoned it. Still, as research shows, even the most blatant scam attempts can succeed in snaring users, although the hit rate is very low; around 2% according to a joint study by Google and the University of California.
The subject of the email is “Resolve Your Billing Data .”, whilst the sender of the email is listed as “PAYPA.L Soloution Center.” It appears that the email is trying to inform the user that there is an issue with their account. As mentioned, the email begins with “Hello Dear”, and goes on to say that “Your Account Will Be Limited.” No specific reason is provided for why the user account will be limited.
Contained within the main body of the email is a link. This link is to (supposedly) allow the user to verify their account information and their credit card information. The link actually leads to a phishing site.
We’d have to rate this as a pretty simple phishing email. It does have the PayPal logo in the top left hand corner, in an attempt to appear genuine. The layout of the email is poor, with a link inserted in the middle of the email. Grammar and punctuation are of a low standard. As previously mentioned, the salutation is not personalised. Mousing over the link shows that it does not lead back to a PayPal site.
This email was not received in the high volumes that are typical of a phishing campaign. We mention it today as an example of a low grade phishing attempt.