As you probably know, scammers are constantly using phishing attempts to try to steal the login info for our financial accounts.
And sadly, they’re often successful.
While they certainly love stealing logins to victims’ bank accounts, the scammers seem to have a special love for scamming PayPal customers.
There are many different types of PayPal scams making the rounds 24/7, but the most common variety uses fake emails that appear to have been sent by PayPal.
Many of these PayPal email scams state that you need to verify your information or dispute a questionable transaction, but the ones I’ve been receiving lately claim they’ve noticed unusual activity on the credit card that’s linked to the PayPal account.
For an example of what I’m talking about, take a look at this screenshot of a fraudulent “PayPal” email I received last night:
Looks like a pretty serious matter that needs to be handled immediately, right?
Well, this email is fraudulent, and if you take a close look at it you’ll see several glaring clues:
1 – The sender’s email address has nothing to do with the PayPal company.
EVERY legitimate email that PayPal send out has @paypal.com in the email address. There are no exceptions.
2 – The salutation simply reads “Dear Customer”. If this email had truly been sent by PayPal it would have addressed me by my actual name.
3 – The text of the message is poorly formatted and grammatically incorrect.
The email messages that PayPal and other legitimate companies send out are always concise, but they are also well written and contain no glaring grammatical errors.
4 – The word “unauthorised” in the paragraph contained in the “How you can help” section is spelled with an s instead of a z.
Here in the United States we spell “unauthorized” with a z instead of an s.
The use of the British spelling is a huge clue that the message was written by someone who speaks and writes British English.
PayPal is an American company and all of their official emails to American customers are written using American English.
The reason I took the time to point all of these clues out is because they can help identify fraudulent emails that appear to have been sent by other companies as well as PayPal.
Most every company in America has strict guidelines for the format and text of their emails.
If you ever see any of the above types of clues in an email you receive, I recommend that you assume that the email is fraudulent, regardless of how legitimate it might look otherwise.
By the way, if I had taken the bait and clicked the enticing blue button in the email, one or both of the following would have happened:
1 – I would have been taken to a fake PayPal login page that contains a form designed to steal my PayPal login information.
2 – Malware would have been downloaded onto my machine (most likely a trojan that would “mine” all the personal and financial info that’s stored on it).
And now, I’ll simply leave you with the recommendation that I always make in regards to emails that appear to have been sent by a financial institution: Assume the email is fraudulent even if you believe it to be legit.
What I mean by that is you should simply ignore any instructions to click a link or button in the email and visit the company’s website directly.
If there’s really an issue with your account that needs to be handled, you’ll receive a notification regarding the issue after you have logged into your account.