Section 1: What email did I receive, and how did I know it was a Phishing Scam?

 

 

Phishing emails claiming to be from PayPal are unfortunately becoming more and more common.  Below is an example of what I received a few days ago:

 

PayPal Phishing

 

I actually do use PayPal quite a bit, so when I received this email I wasn’t at first suspicious, until I dug in a little deeper.

 

The main clear indicator that this email is a Phishing Scam is that the links in this email don’t actually go back to PayPal.  How did I know this?

 

In Outlook 2007 and 2010, when you hold your mouse over a link in an email, a box will pop up and show you where the link is actually going, an example can be seen below:

 

PayPal Bad Link

 

As we can see, this link actually goes to “http://bdembassy.gr/somnolence/index.html”, not PayPal.  As a matter of fact, all links in this email go to that strange bdembassy.gr page, and not PayPal.

 

If you receive this email, delete it immediately.  It will cause no harm to you if you do not click on the links inside.

 

Additionally, if you are using Office365, or an on-premises email solution provided by AIM Communications, your email anti-virus should detect this is a Phishing email and quarantine or delete it before you get it.

 

 

Section 2: What happens if you click on a link in the email?

 

As with most PayPal Phishing scams, the links take you to a page which looks like the PayPal login page, and requests that you enter your username and password to see details of the transaction.

 

It’s actually not a PayPal page at all, but a page that instead collects your PayPal username and password and send it to the Phishing Scam attacker so that they can login to your real PayPal account.

 

From there, the attacker will usually try to steal any available funds.

 

 

Section 3: What should I do if I clicked on the link, and entered my PayPal details?

 

You should immediately change your PayPal password, and then check any linked bank accounts and credit cards for fraudulent activity.  If you discover any fraudulent activity, contact your bank, and PayPal immediately.

 

Do you have any questions, comments?  Email us on blog@aimcom.com.au
Interested in receiving these in your inbox as we write them?  Simply fill in your email address below and click “Sign me up!”