PayPal Account Validation phishing email

PayPal Account Validation phishing email

There are some PayPal phishing emails that are incredibly realistic. One that we looked at recently even had a senior technical specialist re-reading it to make sure the spam filters weren’t in error. And then there are the somewhat simpler ones. Like the one that we present in this post. This one follows the usual line that your PayPal account needs validation. It does depart from most of the PayPal emails in supplying an attachment.

A screenshot of the email in question is shown in Figure A. There are two variants of this email; they differ in the subject line and the attachment name. The text contained in the body of the email does not vary, however. The email has the subject line “Account Validation” or “Account Review”. The sender is “PayPal” whilst the email greeting is “Dear Valued Customer”. There is one attachment contained in the email. This is called “Attachment.html” or “Verification_2015.html”. The email signs off as “PayPal Account Review Department”.

MailShark PayPal Account Validation phishing email
Figure A – Click to Enlarge

As the email states, the recipient’s PayPal account has been limited due to “Unusual charges to a credit card linked” to a PayPal account. The email informs the recipient that the attachment contained in the email can be downloaded and opened in a web browser. The recipient is told that filling in the form will enable their PayPal access to be restored.

It is not a particularly genuine looking PayPal email. However, these types of emails can still be dangerous. The attachment in this email requests various items of personal information including credit card details. In some cases the attachments also contains malware that is designed to capture keystrokes.

The main signs that this email is not legitimate are, firstly, the lack of a personalised greeting. PayPal have specified this as a giveaway on their page dedicated to spotting phishing scams. Another sign is the somewhat clumsy grammar. The fact that there is an attachment should also be treated with suspicion. Delete this email.

Scott Reeves
Free anti-spam service
Free email filter service

Share This Post

Post Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.