Beware of the “Somewhat” Clever PayPal Scam
Of course scammers will stop at nothing to try to separate you from your hard earned money. Today I received an e-mail that made it through my spam filters that tried to get me to click into their site — who knows what it does once it gets there. The e-mail had a number of clues on it though that helped identify it as a scam.
Below is an image of portions of the e-mail:
Paypal Scam E-Mail
One clue is that the To: field had nothing in it. So while the e-mail was sent to me, they didn’t directly identify my account in the to field. Most people don’t display the to field in their e-mail program, so that is not a dead giveway. Next, take a look at the product number. Usually PayPal e-mails identify the source of the transaction, which in this case it did not explicitly, although later in the e-mail it displayed someone’s eBay user ID. Since the product number looks a lot like an eBay number, I checked that out and of course found no product listed there.
Another clue is in the following section:
PayPal Scam E-mail Section 2
Here the name of the eBay seller supposedly is John Deprimo, but shortly after that there is an important note indicating that Cheryl Blake has an unconfirmed address.
But the full giveaway is really the links — and usually that is the case. For example, there are three links in the e-mail. One is to an e-mail address. One actually goes to PayPal. And then there is the Dispute Transaction link (see the first image in the post). If you hover over this link in Outlook (and in most e-mail web clients worth their salt) the actual target of the link is show. In this case it is not PayPal, but some URL to “sytes.net.” And even though it says encrypted link, it is not — instead it all goes across http unencrypted.
So for many this may be old news to you. But it happens every day when someone gets taken by something like this. Use caution and review all of the material in an e-mail. Go to the site directly instead of through the e-mail if you are suspicious. And for PayPal in particular, consider using the electronic security keys that require that you type in a number in addition to your password for logging into your account.
