Orbital Technology

Cyber-Crime-prevention

Every day I hear of people who have fallen victim to an online scam or fraudster. Today we look at a PayPal e-mail sent to us, which on the surface looks fairly genuine. A copy of the e-mail is below, although I have deleted my e-mail address to prevent further spam.

How can I tell it is a fake?

  • Always go straight to the sender address. In this case it is paypal@alertservice.com. Ignore anything prior to the @. Now look at the actual domain name: “alertservice.com”. PayPal would only send from paypal.com. Let's look it up and see. Use this simple WhoIs search: http://whois.domaintools.com/alertservice.com This shows the registration is protected by a domain privacy service in the US. Obviously scammers aren’t keen on giving out their real information. Alarm bells are ringing. WARNING: Even if the e-mail came from paypal.com, don’t trust it. Anyone can easily send an e-mail as somebody else. This is called spoofing, and it is really easy to do.
  • Nothing in the e-mail is personal to me. There is no name, and it refers to me as “customer” so it can be mass e-mailed.
  • The next section is where alarm bells should be really loud. “During the next login process, you will be required to provide some information that only the real owner of this account knows” NEVER EVER EVER provide ANY personal information over e-mail or a link in an e-mail. THIS IS THE BIGGEST WARNING I CAN GIVE YOU. If you still don’t believe me, just go to your real PayPal login via a Google search and log in. You will find your account works fine, and you can contact them directly without the intervention of the fraudsters.
  • PayPal get millions of unsuccessful login attempts per day. They would not suspend your account and allow a time limit of 48 hours. If it did trigger a system, the account would be suspended and you wouldn’t be able to log in. The reason they say this is that they don’t want you to test your PayPal account, log in and see that all is fine; it also adds time pressure to react and comply with their instruction.
  • Check for bad grammar or spelling mistakes. Often scammers aren’t that literate and make obvious mistakes that show up if you read carefully. As you will see in this example, “All Right Reserved” at the bottom is missing an S. I looked up a real e-mail from PayPal and not only does it come from their Europe address but it also states “Copyright © 1999-2013 PayPal. All rights reserved.” This is probably one of the better scams.
  • Lastly and most importantly, where are they taking me? If we hover over the “confirm your information” button, the link is: http://account-verification-access-updatecostid8461.loginto.me Most importantly, let’s look at the domain name they are taking you to, as this will be something they control to retrieve the details you give them. It is loginto.me. We can see it is registered to an address in Reno, Nevada, but it also looks to be hidden by a domain privacy service. So obviously we should be going to an address ending in paypal.com!!
  • Now a technical one – If we look at the header information in the e-mail it shows the IP address (67.231.26.111) originates from Canada, but through servers unconnected to PayPal.

So these are some things to look out for, but there is one very simple rule: don’t trust anything. If in doubt, go directly to your account and log in. NEVER follow instructions in an e-mail.
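
The sender, link and header checks from the list above can be scripted. The following is an added example, not part of the original post: the sample message is constructed from the details quoted above (its Subject, Date and relay host names are made up), and `triage` and `belongs_to` are hypothetical helper names.

```python
import email
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

EXPECTED = "paypal.com"  # the only domain the real sender uses, per the post

# Constructed sample: addresses, link and IP are the ones quoted in the post.
SAMPLE = """\
Received: from mail.example.net (unknown [67.231.26.111])
\tby mx.example.org; Tue, 1 Jan 2013 10:00:00 +0000
From: PayPal <paypal@alertservice.com>
Subject: Your account has been limited
Content-Type: text/html; charset="utf-8"

<p>Dear customer,</p>
<a href="http://account-verification-access-updatecostid8461.loginto.me">Confirm your information</a>
"""

class LinkCollector(HTMLParser):
    """Collects the real href targets, i.e. what hovering would reveal."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def belongs_to(host, domain):
    """True only for the domain itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def triage(raw):
    msg = email.message_from_string(raw)
    # Ignore everything before the @ and keep the domain part only.
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    links = LinkCollector()
    links.feed(msg.get_payload())
    hosts = [urlparse(h).hostname for h in links.hrefs]
    received = " ".join(msg.get_all("Received", []))
    return {
        "sender_host": sender_host,
        # A matching From is not proof: the header can be spoofed.
        "sender_ok": belongs_to(sender_host, EXPECTED),
        "bad_links": [h for h in hosts if not belongs_to(h, EXPECTED)],
        "relay_ips": re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", received),
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The suffix check in `belongs_to` is deliberately strict, so a host such as `paypal.com.loginto.me` is still reported as a bad link.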
