How to Detect Fake Paypal Phishing Email

By 10-03-2010   SecurityTutorials

Do you know if it is a fake Paypal Phishing email? We all get phishing emails and it is important to recognise and avoid getting trapped by these fake phishing emails and not disclose your personal information, bank accounts, credit cards details to unknown fraud persons, who harvest private information via fake websites, links and emails.

Analyzing a fake Paypal phishing email

phishing email

Here is a sample email from Paypal from my Gmail spam folder asking me to send our banking account information. Lets see step by step how many fake things there are in every line.

paypal phishing email

  • Subject –  Note that Account is the registered trademark. Spelling of Possible is wrong. The possible fraud phrase implores the readers to definitely open the email.
  • Spam X  –  Gmail recognizes lots of malicious features suggestive of a phishing email, marks it spam and moves it automatically to the Spam folder. Gmail has powerful antispam features which can easily identify fake Paypal emails.
  • Email from –  Note that thought the email id shows that it originates from from service@intl.paypal.com, if you expand the email headers, it is actually from from service@intl.payspal.com. Note the spelling error – it is payspal.com with an ‘s’
  • Warning  message – G mail has not only sent the message to spam, but also marked the email as an phishing attempt. This was caught because the ‘From:’ field was manipulated to show a false sender name.  The “Learn more” link directs the user to more security information about messages asking for personal information.
  • PayPal Notification – Another repetition of the title, note again that Possible is again wrongly spelt.
  • Security check  –  Note the reason. Even you could have used the account from different computers. But it creates a fear of hacking. They are launching an open investigation instead of checking at the backend and statistics. Creating fear for you to send your details.
  • Account safeguard  –  So now they come to the point – they want your bank account details. Why do they need it?
  • Complete verification –  Again “help speed up” is put in to create a sense of urgency. Note spelling errors again as “cancomplete” has no spacing. They have also put in a long random number so that it creates a sense of authenticity for your account.
  • Phishing link – Note that the link does not point to what the url text displays. Which means clicking on the link will take you to another fake website which resembles the Paypal website closely. Once you fill in your bank details there, your financial information is at risk in the hands of fraudsters. Gmail automatically unlinked that link.
  • Deadline 48 hours –  they create a sense of insecurity and urgency prompting you to take action and click that link. You fear your Paypal account with all its money maybe locked out and act.
  • Verification purpose –  Just incase you are still not convinced – now they coax you with a bit of courtesy which is expected of any business email. Makes you believe that they are indeed the courteous paypal staff who want to protect your Paypal account.
  • Signed by –  note another fake brand name “Paypal-Paypal” and again “Account” is registered. The phrase “Security department” now gives more authenticity to a security organization email.
  • Copyright –  Another fake brand “Paypal Account & Co.”
  • Do not reply –  click the link, or don’t bother. They do not want you to reply back and cross check. Probably the reply email wont work since the email server configuration will cause the email to bounce back. Anyway the email never reaches Paypal.
  • Paypal Banking!  –  fraud brand name. Account is registered again. Now its the “banking department”, just  in case the earlier “security department” didnt interest you.

I hope you learned some new ways to identify fake Paypal phishing emails and not get trapped into revealing your personal and financial secret information. You can report fake sites and phishing emails to paypal. Stay safe and keep reading our blog.

 

5 comments on “How to Detect Fake Paypal Phishing Email

  1. ROW says:

    Surprised to see you still get PayPal phishing mails in Gmail account.

    Since the time Gmail and PayPal have gone into a pact http://gmailblog.blogspot.com/2008/07/fighting-phishing-with-ebay-and-paypal.html I have never seen a PayPal phishing mail in my Gmail account

  2. Sourish | Lets Start A Blog says:

    I always forward such mail to spoof@paypal.com , their anti phishing cell

  3. Hedberg says:

    I am always amazed at how successful phishing is, given how obvious most phishing emails are. It really is something that if everyone was educated properly, they would be cut dramatically.

    Of course, with that said, they are getting better and I imagine it is only a matter of time until the scammers evolve…

  4. Harris says:

    I have recently heard about Gmail’s capability to protect an account from PayPal phishing emails which is why I keep on using it. Not to mention, the storage they offer and it is FREE!

  5. Nishant says:

    Not Surprisingly, We got to hear about the leakage of paypal email database months earlier and There was a Fresh new wave of attack on Paypal users. In few Hours many users reported of receiving Phishing emails, This Spam was carried out on a large scale.

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php