General discussion
-
Topic
-
Gone phishin’
LockedI got an email from PayPal today telling me that I need to update my account by providing a debit/check card account number. However, the email has a couple of misspelled words in the first paragraph. That made me suspicious at first. On further investigation, the email [b]appears[/b] to be legitimate and the links it forwards you to [b]appear[/b] to be to the real PayPal website. (Though I don’t know how to tell for sure). I find it pretty incredible that a company like PayPal would misspell words in an official correspondence concerning a serious matter like financial accounts. Like I said, from what I can tell this does appear to be really from PayPal but I am leery because of the misspelled words. From what I know about phishing, misspelled words are a tipoff that something is amiss. With the clients I sometimes interact with in my job misspelled words on official documentation are a HUGE no-no, so I can pick them out at the blink of an eye. I am not going to be updating any account information with PayPal until I actually make a transaction using them (which is very rare). Maybe I’m being overly careful because I got one of my credit cards stolen a couple of days ago.
After all this, my questions are: 1) Do you know anyone who has fallen for a phishing scam? (Would you admit it if you have?) The phishers must be hoodwinking at least a few people because phishing is not abating. 2) How can you tell if you are being phished? I would think that a link to a “http” web page rather than a “https” web page would be a clue but that’s not always the case. Phisherman can be pretty smart in building a clone web page.
FYI, below is the first paragraph of the email from PayPal. I have boldfaced the misspelled words (“attion” should be “attention” and “non existant” should be “nonexistent”).
[i]
Dear valued PayPal? member,Due to recent fraudulent transactions, we have issued the following security requirements.
It has come to our [b]attion[/b] that 98% of all fraudulent transactions are caused by members using stolen credit cards to purchase or sell [b]non existant[/b] items. Thus we require our members to add a Debit/Check card to their billing records as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. Your Debit/Check card will only be used to identify you. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the PayPal? service.[/i].