16 Dec

PayPal Phishing Scam

In the tradition of many phishing attempts, this one is visually quite genuine-looking. As you can see from the email message, it says that I made a purchase for $102.90. What you can’t see is that the purchase, apparently, was for a wig. Now I may be getting on a bit, but I still have enough hair left that I’m not ready to shop for wigs – and I’m certainly not a cross dresser!

This message plays on the fact that many people would see the details and immediately go into ‘what the heck!!!??’ mode, thinking they had been charged for something they didn’t order. It’s a clever play on emotions that will most likely get quite a few people in. It won’t get us though, because we’re a little more diligent about links in emails and we never, ever click a link in an email based on the compulsion to wring someone’s neck for taking our money!

Here’s the message. Note that when I hovered over the ‘log in to your PayPal account’ link it looked nothing like a link to paypal.com as it should do.

If you are really, really worried about anything like this and want to make sure you didn’t get charged, then you can always go directly to the PayPal website and log in as you normally would, rather than clicking the link in an email. This is the advice I give all of our clients – regardless of how genuine it looks, if you need to log into one of your online accounts (Facebook, Twitter, etc.), always do it the old-fashioned way (i.e. from your bookmarks or Roboform) rather than clicking the link in the email.