Tuesday, May 3, 2016

Fake Email From Paypal

AVOID PHISHING. BE AWARE. BE WARY.

"Phishing" is an illegal attempt to "fish" for your private, sensitive data. One of the most common phishing scams involves sending an email that fraudulently claims to be from a well-known company – like PayPal. These emails may contain links to fake websites or fraudulent attachments.
Fake websites encourage you to enter personal information like credit card numbers, social security numbers, and account passwords.

Today, I received an email from a supposedly Paypal email informing me that my account will be closed due to the suspension of my credit card. I had a hunch that this was a fake email. I immediately logged in to my Paypal account via the Paypal website which is https://www.paypal.com and from there, I noticed that there was no urgent message informing me to update my account nor a closing of my account. I am posting here the screenshot of the email I have received and I hope this will serve as a warning to check thoroughly the email from Paypal. DO NOT EDIT OR UPDATE YOUR PERSONAL INFORMATION VIA A LINK GIVEN FROM AN EMAIL. I have also immediately forwarded the email to the Paypal support so that they will check if this is a fraudulent email.

The fake Paypal email I received on 3 May 2016.
The website that will show upon clicking the link on the fake Paypal email.

The authentic Paypal log-in page.


12 Things I Have Noticed From The Email From This Fake Paypal Account:


  1. When you click on the link, the URL is not the Paypal website. This is the link that will show in your browser's URL: http://techihuahua.org.mx/account-updating-information/websc-login.php?Go=_Restore_Start&_Acess_Tooken=fa6bb3e989cbaf13ab4a83d7c0084b30fa6bb3e989cbaf13ab4a83d7c0084b30
  2. The email did not address me on my first name.
  3. The "CUSTOMER" was spelled incorrectly.
  4. There was a prevalent wrong grammar issues on the email.
  5. The font used was wrong for the PayPal logo.
  6. There is a sense of urgency which is very doubtful.
  7. The log-in module is wrong.
  8. Copyright dates are wrong.
  9. The links below the fraudulent page is not even clickable.
  10. The email was sent through another website host.
  11. My credit card is definitely NOT SUSPENDED.
  12. This is the most important one. Copy the email address and you will notice that the small letter "i" was used instead of the small letter "l". They both look the same at first glance but when you scrutinize the email, they are definitely not the same. It really depends on the font that you use on your browser. This is the email address of the sender: service@intl.paypal.com service@inti.paypai.com via sh100.subhosting.net 

The screenshot of the log-in page of the fraudulent website from the fake Paypal email. Check the labels I have inputted.

The screenshot of the fake Paypal email. Check the labels I have inputted.

UPDATE 1: I received another email coming from the same sender. Below is the screenshot of the second fake Paypal email.

Screenshot of the same fake Paypal sender with different subject line.
UPDATE 2: I immediately received a reply from the authentic Paypal thanking me for the forwarded fake email. I just hope some readers will become aware, wary and cautious of emails coming from fraudulent email senders who are just out there to illegally obtain our personal information.

Thank you for reading this post and have a nice day.


References:

https://www.paypal.com/selfhelp/article/FAQ438

No comments: