Today I received a spam email from a scammer pretending to be PayPal. I’ve gotten lots of phishing emails in the last few weeks, but those were easy to spot because they were warnings about bank accounts for banks that I do not frequent, or credit cards that I do not own.
This latest phishing attempt was also fairly easy to spot, because it came to an email address that I don’t use for PayPal anymore. Nevertheless, there was an account associated with it many years ago, so I went ahead and changed the password.
Here are some screen shots so that you can compare the two emails, and spot the key differences:
— This one says it’s from “Paypal@service.com” but if you look at the string after it, you can see that the email address has been spoofed.
— The email didn’t address me by name–it only said “Notice to [my email address]”
— The grammar is all wrong. “Your account has been locked in” Really? Was it trying to escape?
— The spammers are using an altered Paypal logo.
LEGIT PAYPAL EMAIL:
— The email came from a PayPal.com account, after I went directly to PayPal.com and initiated a password change (by sending a code to my phone, not via email).
— The email addresses me by my full name as listed on the account (only first name shown above)
— The email provides an alternate means for contacting the other than email–a phone number that you can run through a Google search and check to see if it’s legit.
Be careful out there!