PayPal account phishing

In a previous article, How your Yahoo! Mail account can be hacked with phishing – A real life example, I mentioned how Yahoo email phishing can take place. Phishing can take place with any website especially where hackers have a chance to steal money.

I keep receiving phishing emails. The sender pretends to be from PayPal and asks me to take some action and click a link to remedy the situation: “Warning! Your PayPal account was limited!”

In the picture below, notice the following suspicious elements:

  • The “Reply-To” is fishy (! It does not belong to
  • The email subject is simply “Update!”
  • The email text is really fishy as well. The message has a sense of urgency around it…fake urgency.
  • When you hover over the “Click here to Confirm Your Account Information” the target address is: <– Bid red flag. This is not PayPal

I used a disposable virtual machine to browse to this suspicious address ( but of course it was taken down.

So I decided to lookup the Whois information about this phishing address:


Take aways from this phishing attempt:

  • Never get scared because of the message in the email. There is nothing urgent when it comes to electronic communication or online banking / financial related things
  • Always inspect the sender’s email address
  • Never click on links in an email. Hover the mouse over the link and see where it points to
  • If you get a message that claims it is from PayPal, then go manually to (as you usually do) and login and see what needs your attention

You may also like:

Leave a Reply