PayPal Unusual Activity warns phishing email

PayPal Unusual Activity warns phishing email

There is one certainty when checking our email filters in the morning. There will be at least one PayPal phishing email. Today’s phishing email steers a course of style over substance. It looks good. It looks convincing. It may trap people if they don’t read the email. But like flawed characters, closer reading shows that it is a fake email. It uses a sense of urgency to pressure the recipient. It headlines the possibility of a security breach of the recipient’s PayPal account. Unusual activity has been detected, the email warns. But for all that, the email is a fake.

Figure A shows the email. It uses a PayPal logo. There is a yellow box that spells out the issue and the action required. The email is from “PayPal.inc”. The actual email domain is not a PayPal domain. The subject line of the email is “Your account has been limited!” A reference number is used to add authenticity to the email. A PayPal email identifier is also used. The email implores the user to login to their account as soon as possible via a link.

The link is a button with text ”Login.” PayPal is also meant to be part of the text; however the last three characters are not English text. The mixing in of non-English characters occurs through the email. The frequency of occurrence is sufficient to raise suspicions in most users. The email advises that information is required for account confirmation. The email also advises that PayPal may take up to 72 hours to respond.

MailShark PayPal Unusual Activity warns phishing email
Figure A – Click to Enlarge

This email is a fake. There are grammatical errors. There is no personalised greeting. PayPal emails use your first name and last name in emails. The link does not lead to the genuine PayPal site. It leads to a phishing site. The phishing site is realistic, but fake. This email is a fake and can be deleted.

Scott Reeves
MailShark
Free anti-spam service
Free email filter service

Share This Post

2 Comments - Write a Comment

  1. I rec’d one of these and don’t have a PayPal account. I want to report it to PayPal but can’t find on their web site a way to do so without an account. Leaves me with little faith in their concern for consumers (potential customers) or their own integrity. Tell me how to give them a chance to prove me wrong!

    Reply
    1. Hi Susan. Thank you for your notification and comments. PayPal does take online safety seriously. If you receive a suspicious PayPal email, PayPal encourages you to forward the entire email (without changing anything) to spoof@paypal.com so they can review the scam attempt. PayPal also has specific reporting addresses for specific countries. If you are in Australia for example you can visit their website here for more information.
      Please let us know how you go and your experiences with them in the further comments if you end up contacting them.

      Reply

Post Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.