I received a lot of positive responses (comments and email) after last week’s warning about bogus Yahoo! Lottery scams, so I thought I’d keep with that theme and offer up some more tips.
Hopefully just about everyone knows that when someone sends an “URGENT” message “from the desk of…” some guy insisting that you just lucked into a fortune, your “too good to be true” alarms should sound off.
But a well crafted phishing email can be a little harder to spot without looking for key indicators. A quick glance at my spam folder revealed two different scammers posing as PayPal, notifying me of an urgent need to click a link and verify information.
If you look at the screenshot on the right you will see that the scammer is using the updated PayPal logo, but don’t let that give you a false sense of security. The greeting gives it all away. PayPal will ALWAYS address you formally by the name registered to your account. So if you have a personal account it will be your name, and if you have a business account it will reference your business name. Never as “Dear PayPal Member” or “Account Holder”.
Now that doesn’t mean that a message addressing you correctly is guaranteed to be legit, but it does mean that a message not addressing you directly is an obvious ruse.
Once you get past the greeting, you can also look for mistakes in the copy. In the above example there is an extra period at the end of a paragraph. In the other sample there is a missing return space between paragraphs. These are small things, but a lot of scammers seem to miss them.
Also, both examples urge you to click a link to go somewhere and input information … which most reputable sites won’t ask you to do.
Remember that these aren’t tips to confirm that a message is authentic, but rather clues to easily filter out a lot of the bad ones that aren’t authentic. Ultimately your best bet is open a new window and visit the site how you normally would, and look for any alert messages there. If you have a problem with your account they will usually notify there too.
Hope this helps a little more!
Ryan K.
Community Manager
Yahoo! Mail
I got 3 of these today in my Yahoo inbox, the Paypal phishing ones, and the sender’s address is not hidden so I could see they’re from Yahoo email addresses.
Yahoo has gone WAY downhill the last year in protecting me from spam and phishing emails. I’ve had my yahoo address for ten years. These emails used to never get past my spam filters, and I wouldn’t get many at all in the spam folder anyway. Now I get tons and tons in my spam folder and at least once a day every day a spam email sneaks through into my inbox.
If I had received all the kazillions of money I have won from Nigeria, England, etc… We could all retire! Now I have a guy who sent me a check and told me to keep 10% and send him the remainder, “oh yea!, I was born yesterday!”
I would NEVER use Paypal again – got caught up with someone using my credit card after buying a CD from Amazon.
i did not get an email .a box pop up and said did you want this charge to go through if not despute it i click dispute it then the box went off that was it now what do i do i didn’t give nobody my credit number so how will they charge me i know i’m confuse they charges me 19.95 also
It is scary knowing about this fake paypal is out there. Even when I buy things online I don’t have the time to check if the paypal site is authentic. And I consider myself very aware about issues like this. From now on The caution level has to ba raised. I don’t mind spending more time to pay for something than risk being taken advantage of.
If you have received an email stating that our website has charged you $19.95 via Paypal, please ignore this and DO NOT click on any links inside the email. This is a phishing email. You were not charged anything from us. This email did not come from us. Please forward the email you received to spoof@paypal.com immediately. We are working with them to track the individuals involved. We apologize for any inconvenience this has caused you.
Regards,
ResearchAnyone.com Team
YES, SHERRY I HAVE RECEIVED THAT $19.95 MESSAGE – WHO CAN i CONTACT TO STRAIGHTED THIS THING OUT. THANKS. HARRY
i get all of these every day. i sympathize with you all. i get ones from nigeria, uk, microsoft, yahoo, some have the nerve to say they are service men stationed in iraq (i am in NY!). these people are low and will stoop to any level to get your information.
one thing i can help you with is who to report the fake paypal to. when you get this one, you can foward it to “spoof@paypal.com”.
I got that so-called alert from yahoo accounts too, warning me my account would be deleted if I didn’t verify my information within two weeks. I forwarded it to the phish email. This was a little more difficult to spot than the usual phishing scams, but I just keep in mind that any email asking for my password is phishy.