Warning on PayPal phishing emails
PayPal phishing emails telling the recipients that they must login to their PayPal accounts and update details are currently doing the rounds. This may be related to other campaigns that started as soon as the Christmas shopping season started.
The full email is reproduced in Figure A.
The purpose of the email is apparently to enable the recipient to update their details so that they can once again use their PayPal account. According to the email, the user’s PayPal account has been limited because PayPal needs some extra information from the user. A button with a link is included in the email; however the link is not to PayPal but to a phishing site.
PayPal does sometimes limit accounts because they require more information to validate an individual or a business so this particular type of email could be easily mistaken for a genuine email.
This particular phish has appeared recently in various guises; this particular incarnation was stopped by our spam filters over the weekend. Previous versions of the phish are fairly similar in theme: the user has a limit on their PayPal account, which can be lifted once they login and supply the details. The login to the phishing site is designed to garner the user’s login credentials, and potentially their credit card details.
Mousing over the link shows that it is not to PayPal, but to a phishing site. A further giveaway is the opening line “Dear Customer”. PayPal emails always include the recipient’s first and last names.
The spam research team at MailShark expect a ramping up of these types of emails over the coming weeks, as the Christmas shopping season moves into full throttle. If you do receive this email then delete it.