Phishing emails seem to be more prevalent these days and it seems lately that I’ve been getting more and more of them. I’ve talked about some of the ones I’ve received in the past especially those that are supposedly from Apple, Netflix, and Amazon, just to name a few.
Obviously they’re not real emails from those companies and I’ve talked about what to look out for in which it shows they are phishing emails trying to get your precious login information to the actual companies you have accounts with. I’ve even shown a PayPal phishing email that I’ve received in the past.
Well today, I was checking my email and lo and behold I received another email that’s supposedly from PayPal, but really isn’t. Just like the previous one I’ve received, I will show you what to look for so that you don’t become a victim of one of these emails. Without further ado, let’s take a closer look at this PayPal phishing email scam and what makes it such a blatant scam that you don’t want to fall for.
Suspicious Activity…Or Not
One of the first things I noticed is that the email header is long….REALLY long!
“Receпtly Updates: [ News Information Update- Suspicious Аctivity ] Youг Accouпt Has Beeп Temporarily Limited. Case 61321 # [IT254PP1460-542-448-448] # PP — ID :6677377357“
There was also an envelope symbol preceding this particular header which I also thought was a bit odd. It’s certainly something I’ve never seen from PayPal before so why would they start using this all of a sudden? Why also are there brackets around some of this important information?
It looks like they’ve included some kind of case number which is 61321, but then what are these other numbers and letters inside the bracket? Does the PP stand for PayPal and what is the final set of numbers? The header creates more confusion than there supposedly being suspicious activity on my account. We haven’t gotten to the body of the email yet!
When you see an email header like this, it should definitely throw up a red flag for you. It shouldn’t state anything like this. It should be short and to the point if it’s a legitimate email from PayPal or any other reputable company that you have an account with. There shouldn’t be anything vague or that makes you question things like this particular header does.
The Body of The Email
Now time to get into the meat and potatoes of this phishing email. We’re going to take a look at the body of it and see just what sets off alarm bells.
“PayPal is looking out for you
At PayPal, your security is a top priority. We’ve taken extra precaution to confirm that your PayPal account is secure and have assigned your account with a temporary limited.
You will need to restore your account to re-access your PayPal account.
To restore your account:
1. Click “Log In Now.” In the below section.
2. Follow the steps to restore your PayPal account.
Log in Now
Once you’ve done this, your PayPal account will be restored immediately. If you have any questions about your account, please contact us.
Well this should all sound convincing right? I mean they’ve taken extra precaution that may PayPal account is secure by assigning it a temporary limited. What the heck is a temporary limited?! See how crazy this sounds? It makes absolutely no sense what they’re saying.
To top it all off, they want you to click the link they’ve provided to restore your account. Just use your login information, find the temporary limited and then your account will be fully restored!! WRONG! Do not click that link under ANY circumstances! It’s a fraudulent site made to look like it’s PayPal, but it really isn’t. If you type in your actual credentials to your PayPal account, whoever created this fake website, will now have those credentials, login in to your actual account and then could go haywire with your money especially if you’ve connected your bank account to your PayPal account.
Many people have fallen for these types of scams and have to try and cleanup the mess that was created because of that. A lot of times they’ve had to shut down their debit card or bank account or both. It could even lead to identity theft which could even be more problematic and take years to fix. Trust your gut and don’t click on those links. I will share with you towards the end what you can do if you suspect you’ve received a fraudulent email disguised as PayPal.
The Email Address is Legitimate….Right?
I’ve stressed this before, but it’s worth repeating. Before you even get into the email or maybe you already just glanced at the header, you want to take a look at the email address it came from. That should be your biggest red flag before you even read the email.
Does the above email address look even remotely like it’s something official from PayPal? It sure doesn’t and that should be your biggest alert that this email is not legitimate. If this were a true email from PayPal, it would have something in the email address similar to this: @PayPal.com.
I don’t know what kind of email firstname.lastname@example.org is, but I can guarantee you 100% that it is not a PayPal email address. Since I’ve been getting a lot of these type of emails lately, my first instinct is to immediately look at the email address. That will my tip off that the email is not legitimate and it should be your first tip off as well.
Spelling and Grammatical Errors
I’ve already talked about something that doesn’t make sense in the body of the email. The temporary limited makes no sense whatsoever and is definitely something PayPal themselves would never use if they truly did suspect strange activity from your account.
A lot of times, these type of phishing emails will be filled with these type of errors. Words that don’t need to be capitalized, sentence structure that doesn’t make sense, and of course words that are misspelled. If those things don’t make you suspicious of this type of email then I don’t know what will.
For now, these are the easiest ways to determine if an email is legitimate or not. Scammers are certainly getting more sophisticated and there are a few emails that do not have any of these type of errors, surprisingly. The one thing though, in that case, that lets me know the email is a fake is the email address it came from.
What you can do if you’re still not sure
Even after all the things I mentioned above which can give you big red flags of the legitimacy of an email, you’re still not sure, there’s another option you can choose before you click that oh so dreaded link in the email.
A lot of companies tend to have special email addresses or ways to contact them with fraudulent emails that you may receive. Thankfully, PayPal does have to pass those emails along and I’m going to share that with you. Forward any suspicious emails to email@example.com. You’ll usually get a response from them verifying that the email is not a legitimate one from them and they may ask you if you clicked on any of the links in the email.
If you have clicked on the links and maybe even logged into the spoof site using your real PayPal credentials, they may give you some information on what you can do next or you may have to contact their customer service and they may do things to your actual account so that you don’t become a victim of fraud or at least to limit the impact of it.
I will share soon a list of a lot of the major companies emails or contacts to where you can forward suspect emails to because it’s important that they be aware of what’s out there and how scammers are trying to scam actual customers. What emails have you received that you questioned the legitimacy of?