CHOICE membership

New Paypal Scam Warning


#1

Yet another grubby scam, this time pretending to be from Paypal to try to trick users into revealing their account details.

image


#2

How to identify a scam email? Not having a Paypal account makes it an obvious scam. :slight_smile:

The main thing to look out for if you click a link in a random email is … what domain have you been taken to and does it provide “Extended Validation”? On my browser the padlock icon is green and has “PayPal, Inc. (US)” after it in green. That says that someone has made an effort to verify that www.paypal.com really is PayPal in the real world.

That news item does not tell us what domain clicking the link would take you to. However I am willing to bet that it would not provide EV for PayPal. Unfortunately EV seems out of favour.

Regardless, it is never a good idea to click a link in a random email because it may be attempting to exploit a previously unknown vulnerability in the software that you are using.


#3

Some scam emails use scripting eg php, JS, python and some of these scripts are obfuscated so that looking at them does not clearly show paths used to send a click via a middleman to the legit site. The traffic the person then sends such as password, username, other login credentials are then captured by the middleman. Not all of course do this “trickery”. The best advice, as @person gave, is don’t click links to anywhere that is in an email unless you expected that link to be sent to you eg you requested a password reset by going to the site in question first and sought that password reset yourself. If a site offers two factor authentication use it.

If you want to access your bank go to the bank website don’t click links in emails, want to see your latest energy bill go to the site and don’t click a link in an email. If it is a site you use frequently set up a personal bookmark and use that, just be sure to keep the bookmark up to date as addresses do change, or use an officially supplied app.


#4

A follow on is to be aware of the real website URL. Many fraudsters register site names such as

RealCompanyNameSupport.com when the real site support might be might be RealCompanyName.com/support to fool the unwary.

There are so many combinations that may look real but are bogus, so going direct to the company web site is rule one, and it goes without saying that using a search engine to find company web sites does not always filter out the scammer sites so one’s attention is required.