Phishing is the most common way to impersonate someone authentic and scam people. There are tons of mail fraud complaints resting in the cyber crime police stations in India. While most of the emails originating as scams end up in the Trash of an email account, some emails pass through the filters and end up in Inbox. Here is where people open the mail and with a little hurry, do not check the point of origin of the mail and whether the sender is authentic or not.
Recently I read about a mail from Paypall. No, I have not mistakenly put a second ‘l’ at the end of Paypall. That’s where the mail originated from. They identified themselves as PayPal and sent the mail to a friend of mine, using his Full Name. That’s a surprising factor, because most of the scam e-mail is sent by creating random email addresses. And if someone opens that email and clicks any link or image in it, then the sender gets a confirmation that an email account with the random name exists.
In addition to the online credit card fraud, these kind of e-mails ask you to login using the link provided in the mail. When an unsuspecting user clicks the link, he will be directed to a website which looks exactly the same as the authentic website. The unsuspecting user tries to login using his authentic user name or account number and password. This will get stored in the scammer’s database and he will use the credentials to abuse the account of the innocent user.
Like wise, these scam e-mails are also sent under the disguise of PayPal, an authentic money transfer portal whose reputation precedes it. This email I read said that my friend’s account is going to be closed as they suspected a fraudulent task and the next action that any user should do is, use the link provided in the email and login to their PayPal accounts. If this process goes through, then the username and password will be stored in the scammers’ database and he may use it for any kind of fraudulent act.
Below is the mail verbatim:
Subject line: Notification of Limited Account Access RXI-6166
Body: Hello <<Full Name Here>>,
As part of our security measures, we regularly screen activity in the PayPal system. We recently contacted you after noticing an issue on your account.We requested information from you for the following reason:
A recent review of your account determined that we require some additional information from you in order to provide you with secure service.
Case ID Number: PP-648-716-821This is a second reminder to log in to PayPal as soon as possible. Once you log in, you will be provided with steps to restore your account access.
Be sure to log in securely by using the following link:
Click here to login and restore your account access
Once you log in, you will be provided with steps to restore your account access. We appreciate your understanding as we work to ensure account safety.
In accordance with PayPal’s User Agreement, your account access will remain limited until the issue has been resolved. Unfortunately, if access to your account remains limited for an extended period of time, it may result in further limitations or eventual account closure. We encourage you to log in to your PayPal account as soon as possible to help avoid this.
To review your account and some or all of the information that PayPal used to make its decision to limit your account access, please visit the Resolution Center. If, after reviewing your account information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking “Contact Us”.
We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
Thanks,
PayPal Account Review DepartmentPlease do not reply to this email. This mailbox is not monitored and you
will not receive a response. For assistance, log in to your PayPal account
and click the Help link in the top right corner of any PayPal page.
—————————————————————-
Copyright © 1999-2011 PayPal. All rights reserved.
PayPal Email ID PP-648-716-821
That’s the mail my friend received. Users have to be extremely careful when they receive these kind of emails. There are several steps that can be taken to prevent these kind of phishing identity theft situations.
- Always check the sender’s email address for these kind of emails.
- If the mail says that it’s from PayPal or ICICI Bank or any kind of authentic banks, then the sender’s mail will have to surely end with ‘@paypal.com’ or ‘@icici.com’ or any other company name. If it’s not ending like that, then it’s definitely a scam e-mail
- If the sender’s email address looks authentic, check the contents of the email. Scam e-mails usually have grammatical and spelling errors which are very much obvious to regular English readers and speakers.
- If you can’t recognize that it’s a scam, then do not use the links provided in the emails. They lead to the scammer’s website. So, if you receive an email stating that it’s from PayPal, read it first. Then, open another browser window or a new tab and login directly(I do this) by typing www.paypal.com or any other website name.
These are sure fire ways to save yourself from phishing. If you, by any chance become a victim of PayPal phishing, then immediately contact your bank whose credit card is attached to your PayPal account and inform them about the situation and block the card from further use.
Next step would be to report the phishing email to PayPal by copying and pasting the email in their Support page. This will let them ensure that money ‘can’ be reinstated into your account and inform their customers about the phishing email.
Even if you do not fall for the lame trick, inform the PayPal team about the email so that they can take the necessary next steps.
BTW, when I tried, Paypall.com led me to ApnaPaisa after hopping on several IP addresses.
Did you ever fall for the phishing trick? did you face any problems because of these phishing emails? Do share in the comments section.
