Paypal Users: Don't Get Caught By Phishers

There is a rising trend in Paypal phishing scams. The latest Paypal spoof I received warns me that my Paypal account has been suspended. It asks me to restore full access to my account by logging in to Paypal. When I click on the link provided in the email, I am sent to a website that looks exactly like the PayPal login page. But the link does not go to Paypal. This is the link displayed in the email I received. https://www.paypal.com/cgi-bin/webscr?cmd=_login-run When you click on the link it actually takes you to a phisers page. It is generally not a good idea to click on links in an email. If you do, be sure that you are signing into the Paypal website by looking at the address location area of your browser. If you have already replied to the fraudulent email, contact your bank or credit card companies immediately to prevent identity theft. If you wish to check your Paypal account status, manually type PayPal's address into your browser and log in normally. I was able to tell that it was a spoof email because the email began with “Dear PayPal member." Paypal will always address you by your first and last name. They will never send you a message and address you as “Dear PayPal member” or such. Another way to tell if an email is from Paypal is to look at the full header. The email header is your indication of whether the email is from Paypal or not. When looking at the header it should say who sent the email in the first two lines. Example in the latest spoof email I received it came from Return-Path: lester@server.ravin.net Received: from http://server.ravin.net If it doesn’t say that it passed through Paypal’s server, then you know the email is a spoof. The FBI is actively investigating these spoofs, so please report any suspicious emails by forwarding them to spoof@paypal.com. You can also file a complaint with the Internet Fraud Complaint Center at http://www1.ifccfbi.gov/strategy/howtofile.asp . More advice regarding protecting your Paypal account can be found at https://www.paypal.com/cgi-bin/webscr?cmd=xpt/cps/general/SecuritySpoof-outside This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 2.5 License.