Do you ever check you “spam” mail box before deleting it? I do, if nothing else it’s good for a laugh as I am promised long lasting sexual experiences and beautiful brides from Russia, not to mention the millions of dollars I’ll receive just for helping some poor soul out with a money laundering scheme where there really is no money to be laundered. I also find some things that never should have made their way in there, so it’s nice to know there is a place where I can check in and judge for myself.
Yesterday I found a message which appeared to be from PayPal. And, wow it was GOOD! This was quite possibly the most well done phishing scam message I have ever gotten. It includes the images from PayPal, the mailing address, the correct grammar and punctuation and even the correct domain name. It warned me of an impending problem with my account and that I needed to log in to resolve it, while providing a helpful link to use.
I didn’t panic, but I did wonder. First, why DID this go to my Spam mailbox? Other PayPal notices came to this email address and I receive them. Did the email service detect something that I didn’t? Next, I realized that, I never receive official PayPal notices at this email account. It’s a secondary one set up for things like ebay purchases and sales. While I may receive notice of a payment, I never receive official statements about my account. Those all go to my primary email address.
I thought, what’s one more day. If there is something wrong with the account, I can fix it tomorrow. But in the meantime I’m going to report this to PayPal and tell them why. I sent the message to email@example.com (I have the address saved in my address book but you can also get questions answered online).
Today here’s my response:
Hello xxxx xxxxx,
Thanks for forwarding that suspicious-looking email. You’re right – it
was a phishing attempt, and we’re working on stopping the fraud. By
reporting the problem, you’ve made a difference!
Identity thieves try to trick you into revealing your password or other
personal information through phishing emails and fake websites. To learn
more about online safety, click “Security Center” on any PayPal webpage.
Every email counts. When you forward suspicious-looking emails to
firstname.lastname@example.org, you help keep yourself and others safe from identity
Your account security is very important to us, so we appreciate your
This email is sent to you by the contracting entity to your User
Agreement, either PayPal Ince, PayPal Pte. Ltd or PayPal (Europe) S.à
r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:
5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118
So if it looks suspicious it probably is. It doesn’t hurt to think about your emails before you click that link, open that image or pass it along. I caught it this time. Hopefully by being aware of what’s out there I will catch any attempts at a phishing scam again.