Phishing
May 19, 2008
You may or may not have heard of the term “phishing” (pronounced like “fishing”). Phishing is the act of sending an email that pretends to be from an online store or service such as eBay, PayPal, Amazon, a major bank, etc., in order to trick you into handing over your login details, card numbers or other personal information.
The format of the email will look very similar to a standard email you would get from such a service. It might even contain the company’s logo. Here’s an example phishing email I received a while back:
PayPal is committed to maintaining a safe environment for its community of customers. To protect the security of your account, PayPal employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the PayPal system for unusual activity.
We are contacting you to remind you that on 28 September 2006 our Account Review Team identified some unusual activity in your account. In accordance with PayPal’s User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved.
To secure your account and quickly restore full access, we may require some additional information from you for the following reason:
We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card.
This process is mandatory, and if not completed within the nearest time your account or credit card may be subject for temporary suspension.
To securely confirm your PayPal information please click on the link bellow:
We encourage you to log in and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure.
For more information about how to protect your account please visit PayPal Security Center. We apologize for any incovenience this may cause, and we apriciate your assistance in helping us to maintain the integrity of the entire PayPal system.
Thank you for using PayPal!
The PayPal Team
It looks pretty real, doesn’t it? Someone who has never received an email like this, or who isn’t very familiar with how PayPal works, may fall for it. The email seems harmless and the link even appears to go to PayPal.
First and foremost: PayPal, eBay, Amazon, and most likely your bank will not send you an email asking you to click a link and confirm your password or card details, even if your account really had been compromised. So this is your first clue that the above and similar emails are a phishing attempt.
The link looks real doesn’t it? Take a closer look. Does the link *actually* go to PayPal?
No, it doesn’t. The link actually goes to http://www.blahblah2.paypal345.blarg.org.com.net/ which is something I just made up. In a real phishing attempt the link may contain the word PayPal (or ebay, or your bank, etc.) somewhere in the URL, as this one does, but it’s not really PayPal. The part of an address that identifies who owns the site is the registered domain at the right-hand end (here the made-up “com.net”); everything to the left of it, including “paypal345”, is a subdomain that the owner of that domain, in this case the scammer, can name anything they like. Don’t be fooled!
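The two tricks in the link above, a hostname that merely contains a brand name and visible link text that differs from the real destination, can both be checked mechanically. The following script is an added example for this post, not code from the original article: it pulls every link out of an HTML email, works out the registered domain the link really points to, and flags any link that mentions a brand but does not go to that brand’s domain. The sample email body, the list of trusted brand domains and the short public-suffix table are all constructed assumptions for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Brands the reader has accounts with, mapped to the registered domain that
# legitimately serves them. Assumption for this example; extend as needed.
TRUSTED_DOMAINS = {
    "paypal": "paypal.com",
    "ebay": "ebay.com",
    "amazon": "amazon.com",
}

# A few multi-label public suffixes so that "example.co.uk" is not reduced
# to "co.uk". A real tool would use the full Public Suffix List; this short
# table is an assumption of the example.
MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "com.au", "co.jp"}


def registrable_domain(host: str) -> str:
    """Return the registered domain (eTLD+1) of a hostname, read right to left:
    'www.blahblah2.paypal345.blarg.org.com.net' -> 'com.net'."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element in the mail."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_links(html: str) -> list:
    """Return one finding per anchor: the real destination domain, the brands
    the link name-drops, and whether either phishing trick is present."""
    parser = _AnchorCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = (urlparse(href).hostname or "").lower()
        real = registrable_domain(host) if host else ""
        # A brand named anywhere in the visible text or the URL itself
        # ("paypal345" counts) must resolve to that brand's own domain.
        mentioned = [b for b in TRUSTED_DOMAINS
                     if b in text.lower() or b in href.lower()]
        brand_mismatch = any(TRUSTED_DOMAINS[b] != real for b in mentioned)
        # Visible text that looks like a URL must point at the host it shows.
        shown_host = None
        if text.lower().startswith(("http://", "https://")):
            shown_host = (urlparse(text).hostname or "").lower()
        display_mismatch = shown_host is not None and shown_host != host
        findings.append({
            "text": text,
            "href": href,
            "registrable_domain": real,
            "brands_mentioned": mentioned,
            "display_mismatch": display_mismatch,
            "suspicious": brand_mismatch or display_mismatch,
        })
    return findings


# Constructed sample: the link from the email above, plus a genuine one.
SAMPLE_EMAIL_HTML = """
<p>To securely confirm your PayPal information please click on the link below:</p>
<p><a href="http://www.blahblah2.paypal345.blarg.org.com.net/cgi-bin/webscr">
https://www.paypal.com/cgi-bin/webscr</a></p>
<p>For more information visit the
<a href="https://www.paypal.com/security">PayPal Security Center</a>.</p>
"""

if __name__ == "__main__":
    for f in check_links(SAMPLE_EMAIL_HTML):
        flag = "SUSPICIOUS" if f["suspicious"] else "ok"
        print(f"{flag:10} {f['registrable_domain']:15} {f['text']!r} -> {f['href']}")
```

Run as a script it prints one line per link; the first link is flagged because its registered domain is “com.net”, not “paypal.com”, and because the text shows a paypal.com URL that the href does not match. The second link passes on both counts. The same check is what a mail filter or a browser extension would do; reading the hostname from the right is the habit a human should copy.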
What you’ll be taken to is a site that looks like PayPal, and may even look exactly like the PayPal home page, with a form for you to enter your information. Usually it will ask for your account ID, password, credit card number and possibly your social security number. Once you hit submit after filling out the form, that information is collected by identity thieves who will then use it to make fraudulent purchases. They will very likely also purchase a web hosting account to be used for their scam. (They also hack into unsuspecting innocent people’s websites and upload scripts and mailers to send out these notifications and collect data from people who fall for their phishing emails.)
Another clue is that these emails usually contain poor grammar and misspelled words. In my example above, take a look at the last paragraph. Most major companies know how to spell “incovenience” (inconvenience) and “apriciate” (appreciate), and if they don’t, they are usually smart enough to run emails they send to their customers through a spell-checker.
When in doubt, never, never, never click a link you receive in an email that states you need to update your PayPal account. Always go to paypal.com, ebay.com or your bank, etc., by typing the address into your browser yourself if you need to update account information. You can always call them as well and ask whether your account actually has any issues.
If you receive an email supposedly from PayPal, your bank, etc., telling you there was suspicious activity, that you need to update your account, that there was an unverified transaction, or anything at all that directs you to click a link to correct the situation, do NOT click the link and input any information. Always, always go to the sites manually. Report the emails you receive to the abuse address for the website/service the email claims to be from. For PayPal it’s [email protected]
For eBay it’s [email protected]