PayPal account phishing

Depositphotos.com/fabioberti.it
Depositphotos.com/fabioberti.it

In a previous article, How your Yahoo! Mail account can be hacked with phishing – A real life example, I mentioned how Yahoo email phishing can take place. Phishing can take place with any website especially where hackers have a chance to steal money.

I keep receiving PayPal.com phishing emails. The sender pretends to be from PayPal and asks me to take some action and click a link to remedy the situation: “Warning! Your PayPal account was limited!”

In the picture below, notice the following suspicious elements:

  • The “Reply-To” is fishy (noremply@support.com)! It does not belong to PayPal.com
  • The email subject is simply “Update!”
  • The email text is really fishy as well. The message has a sense of urgency around it…fake urgency.
  • When you hover over the “Click here to Confirm Your Account Information” the target address is: http://msanterre.dectim.ca/wordpress/wp-admin/upp/update/secure/ <– Bid red flag. This is not PayPal

paypal-phishing
I used a disposable virtual machine to browse to this suspicious address (http://msanterre.dectim.ca/wordpress/wp-admin/upp/update/secure/) but of course it was taken down.

So I decided to lookup the Whois information about this phishing address:

dectim

Take aways from this phishing attempt:

  • Never get scared because of the message in the email. There is nothing urgent when it comes to electronic communication or online banking / financial related things
  • Always inspect the sender’s email address
  • Never click on links in an email. Hover the mouse over the link and see where it points to
  • If you get a message that claims it is from PayPal, then go manually to PayPal.com (as you usually do) and login and see what needs your attention

You may also like:

Leave a Reply