Paypal phishing email
Moderator: Wiz Feinberg
-
Harold Dye
- Posts: 721
- Joined: 22 Jul 2001 12:01 am
- Location: Cullman, Alabama, USA
Paypal phishing email
Within the last two weeks I have received an official looking email saying it was from Paypal. I forwarded them to spoof@paypal.com and soon received emails from the real Paypal saying these were indeed virus phishing emails. The replies from the real Paypal gave several things to watch for and stated that they would never send an email structured like those I received. EVERYONE BEWARE !!!
-
Jack Stoner
- Posts: 22136
- Joined: 3 Dec 1999 1:01 am
- Location: Kansas City, MO
This has been going on for years. Its good to be vigilant, but there are phishing type e-mails from banks, e-bay, etc.
If you look at the header and the e-mail address that it came from most of the time that is a dead giveaway as it will have more than just the legitimate site's name in the address that it came from.
If you look at the header and the e-mail address that it came from most of the time that is a dead giveaway as it will have more than just the legitimate site's name in the address that it came from.
-
Wiz Feinberg
- Posts: 6103
- Joined: 8 Jan 1999 1:01 am
- Location: Mid-Michigan, USA
- Contact:
Authentic email from PayPal to its members always addresses you by your legal name, as used when you registered your PayPal account. Fake/Phishing emails either substitute your email address, or use a generic salutation, like "Dear Member."
If you use a real PC to open emails, hovering over buttons and links usually creates a readout on the bottom of your email window, showing the actual URL of the link. Common sense comes in handy when re4ading the destination of a link. If the text show on the message says paypal.com, but the hovered over readout says some other domain/folder/file name, delete it without clicking.
A lot of PayPal Phishes use compromised WordPress websites to redirect victims. The links to them might include names like this: (domain.whatever)/WP-includes/random-alpha-numeric-name/(something.php, or index.html, etc).
See my sticky post on the main page of this forum to learn how to reveal the incoming headers for inspection of the actual source of any email.
If you use a real PC to open emails, hovering over buttons and links usually creates a readout on the bottom of your email window, showing the actual URL of the link. Common sense comes in handy when re4ading the destination of a link. If the text show on the message says paypal.com, but the hovered over readout says some other domain/folder/file name, delete it without clicking.
A lot of PayPal Phishes use compromised WordPress websites to redirect victims. The links to them might include names like this: (domain.whatever)/WP-includes/random-alpha-numeric-name/(something.php, or index.html, etc).
See my sticky post on the main page of this forum to learn how to reveal the incoming headers for inspection of the actual source of any email.
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog