Skip to main content

How to detect high-risk PayPal Phishing Emails

By: conabiz

Today I received this email from service@paypal.com with the subject: "Your PayPal account has been limited". It was marked with "High importance". It sounds serious, doesn't it? I've seen many PayPal phishing emails before, but this one looked reliable.The sender email address looked legitimate: service@paypal.com, unlike popular phishing senders' style such as: paypal@imphishinghere.com (this is an example email address)
I opened the email and saw the PayPal logo. On the right, there was a box "Protect your account info" with a valid link to http://ww.paypal.com, that even provided "Security Tips" at the secured link: https://www.paypal.com/us/securitytips.



Figure 1: This email seems to be reliable

Wait a minute! This email was sent to the email address support@restaurantgiveback.com. But I have no PayPal account associated with this email address! Something is wrong.

Also it said "Dear Paypal member". It did not have my name, or my business name. This is evidence of phishing. PayPal always starts its emails with "Hello [Name]" or "Dear [Name]".

I found the activation link, scrolled mouse over it, and the real hyperlink popped up: (this is a MS Outlook feature). Important: I did not click on the link.


Figure 2: The activation link is fraudulent

The link actually pointed to http://tosuper.com/blablabla, not PayPal. It took me another 5 seconds to Google this hyperlink, http://topsuper.net, and figured out it is 100% phishing. This phish was reported on May 21, 2010. A new-born baby phish!

Figure 3: This is a verified phish

By the way, a friend of mine also received this email on the same day:
------------------
From: PayPal
To: myfriend@email.com (real email address has been changed)
Sent: Fri, May 21, 2010 2:44:03 PM
Subject: Customer Notice

Dear PayPal Customer,
Your online account has been locked due to unusual activity.
Please click to unlock your account, and continue using PayPal services.
-----------------
This email was sent from notifications@pp.com. It is NOT something@paypal.com, so you can quickly know to be careful.
PayPal always includes your name. It should never read "Dear Paypal Customer".
The hyperlink "click" led you to http://webservice-pp.com. Again, this is NOT authorized PayPal website.

What is Phishing? Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication (Source: Wikipedia).

A few take-aways:
If you receive an email from your bank, credit card organization, or PayPal, please check the following:
* Verify your name: Phishing emails usually start with general names "Dear PayPal member", or "Dear customer".
* Verify the sender email address: Phishing email addresses are often similar to the organization email address, but not the same. E.g. notifications@paypal.com v.s. notifications@pp.com. However in some cases, phishing can use Fake SMTP to fake the exact email addresses.
* Verify the recipient email address (your email): Phishing experts crawl on the Internet for email addresses, and sent their messages to all email addresses that they found. If your email address is not the dedicated email address for your account at the organization that sent the email, it is more than likely it is a phishing email.
* Prior to logging in, verify the website. The phishing website can look exactly the same as the site you want to enter, but will have a different domain.
* Finally, if you are still unsure if that is a legitimate site, call the organization to verify.
Also, note that PayPal is popular phishing target!

If you are not familiar with phishing, you may become a real FISH and lose money. So I hope that this post has been of help to you and you avoid future problems.
For those of you who have additional comments or recommendation, I welcome your feedback!

Mike Le
About the Author
Conative Business Inc is a Website and Online Marketing company founded in 2007 in New York City, providing high-end website design, online marketing, and web security solutions. In under 2 years we have grown into a company with offices in New York City and Ho Chi Minh City, Vietnam. We have various clients throughout the United States, who are networking organizations, celebrities, restaurants, and other businesses. Visit http://www.conabiz.com (ArticlesBase SC #2463510)
Article Source: http://www.articlesbase.com/ - How to detect high-risk PayPal Phishing Emails

Labels:

Comments

Post a Comment

Popular posts from this blog

Kumpulan Doa Islam shalawat yang sering dibaca

Beberapa shalawat yang sering dibaca ========================= SHALAWAT NABI MUHAMMAD ALLAHUMMA SHALLI ALA SAYYIDINA MUHAMMAD WA ALIHI WA SHAHBIHI WASALLIM" Artinya : "Ya Allah limpahkanlah sholawat untuk Sayyidina Muhammad dan keluarganya dan sahabatnya dan limpahkan baginya salam" SHALAWAT NABI SULAIMAN --------------------------------- ALLAHUMMA IN DAKHOLA FI SHUROTI SULAIMANA MINAL MASYRIQI WAL MAGHRIBI LIDZATIHI WA QUWWATIHI WA JABRO-ILA WA’AZRO-ILA WA MULKI SULAIMANA MINAL MASYRIQI WAL MAGHRIBI JINNAN WA INSAN WA RIHAN WA GHOMAMAN WA SALLAMA TASLIMAN JALLA JALALUHU YA IBLISASY SYAITHONA FI ZHULUMATI WAN NUR,ROBBANA TAQOBBAL SULAIMANABNI DAWUDA ALAIHIMAS SALAM BIROHMATIKA YA ARHAMAR ROHIMIN Artinya : ya allah ya tuhanku, apabila gambar nabi sulaiman masuk dari timur sampai barat dengan zatnya, dan kekuatannya, dan jibril dan mikail, dan israfil dan kerajaan nabi sulaiman yang meliputi dari timur sampai ke barat dari jin dan manusia dan angin dan awan dan ke
Post a Comment
Read more
PROFIL PENGAWAS BERPRESTASI DINAS PENDIDIKAN DAN KEBUDAYAAN  KOTA  TANGERANG SELATAN BANTEN DATA DIRI DAN  KELUARGA Nama Lengkap : Hj. Misdayati, M.Pd Tempat/Tgl Lahir : Muaraduo, 24 April 1965 Alamat : Jln. Benda Timur 134 E Benda Baru Pamulang, Tangsel Banten NIK : 3674066404650008 NIP : 131496597 Satuan Tugas : UPT Kecamatan Pamulang Jabatan : Pengawas Sekolah KELUARGA Nama Suami : Drs. Syamsuddin,   M.Bsc Anak : 1. Agung Mandela SH    2.M Iqbal MGA Riwayat Pendidikan NO TINGKAT NAMA SEKOLAH/PERGURUAN TINGG TAHUN LLULUS 1 Sekolah Dasar SD 2 Muaraduo 1977 2 Sekolah Menengah Pertama Muhamadiyah Sumsel 1981 3 Sekolah Menengah Atas SPG Neg Palembang 1984 4 Diploma Universitas Terbuka Jurusan Guru Kelas Sekolah Dasar dan AKTA2/ Diploma2 1997 5 Sarjana Universitas Bandung Raya Keguruan dan Ilmu Pendidikan 2003 6 Pasca Sarjana UHAMKA Program MM Evaluasi dan Penelitian Pendidikan 2011 PENGALAMAN ORGANISASI DAN PRESTAS
Post a Comment
Read more

The celestial management ZIKR, PIKR, MIKR

Pada abad ke-21 ini, persaingan dalam sektor bisnis semakin tajam, sehingga setiap praktek bisnis yang ingin menang  persaingan, harus memiliki keunggulan kompetitif tertentu dibandingkan dengan Pesaing. Keunggulan kompetitif organisasi perusahaan bisa terbentuk Melalui berbagai cara.  Salah satu cara untuk memiliki keunggulan kompetitif adalah dengan Menerapkan nilai etika dan spiritualitas (nilai surgawi / manajemen surgawi) di Indonesia Praktik bisnis Nilai adalah nilai yang mengacu pada prinsip 3 W, yaitu Ibadah, Kekayaan, dan Peperangan. Riawan Amin dalam bukunya 'The Celestial Management'   memaparkan konsep Celestial Management yang terdiri dari 3 bagian besar yaitu Worship, Wealth dan Warfare. Ada konsep ZIKR ( Zero Base, Iman, Konsisten dan Result Oriented ) dimana perpaduan antara zero based, iman, dan sikap konsistenakan menghasilkan sebuah hasil yang optimal untuk kemajuan bersama. Sedangkan pada wealth terdapat PIKR ( Power Sharing, Information, Kn
Post a Comment
Read more