PayPal Phishing

If you conduct business online, you need to be more cautious than ever before. There is a new scam sweeping the web, one so sophisticated that it can fool the most technical savvy user.

Internet crooks are utilizing phony invoices bearing fraudulent charges to force consumers into instant panic, convincing them to click a link and dispute the transaction. What's even worse is the fact that these messages appear so genuine that distinguishing them from legitimate companies is becoming more difficult.

In this article, we will discuss the basis of PayPal phishing scams and provide a few tips that will help you avoid this phishing scam and others like it.

The Phishing Email

The PayPal phishing scam is one of the most sophisticated of them all. Con artists have been so efficient they are able to get nearly ever little detail right - convincing consumers to willingly hand over confidential information. However, one popular PayPal phishing email message missed two small details, something most untrained recipients probably wouldn't catch. This particular phishing email message referred to a member by their email address, a move that is capable of fooling most recipients. In truth, PayPal clearly states on the Help page that it will only address members by their first and last name, instead of their email address.

The PayPal Phishing URL

PayPal phishing mimics the details down to the service's URL - almost. The URL for the legitimate and fraudulent site were identical with the exception of a few characters. Here is an example:

Legitimate URL:

Fraudulent URL:

On the surface, distinguishing these two URLs may be difficult, but it can be done. You can determine a fraudulent PayPal link from a legitimate one by knowing that all PayPal URLs have the same base domain name which is You should take note that the fraudulent URL actually reads as


How To Detect Phishing

In order to protect yourself from PayPal phishing an similar scams, you must first know the signs. If consumers educate themselves on what to look for, phishers would be powerless and likely focus their efforts in other areas. Here are a few tips:

Look for signs of credibility: Upon receiving an email from PayPal or any other company, you can determine its legitimacy by searching for signs of credibility. Check for misspellings and read the message carefully to determine if it makes any sense. Phishers often operate in foreign countries and might slip up by using poor grammar.

Logos: Although the PayPal phishing scam is quite thorough, look for any discrepancies with logos or the overall appearance of the email itself.

Return Address: Most phishing emails will appear completely genuine with the exception of the return email address. In this instance, you may find that it doesn't match the company who supposedly sent the message.

Contact Information: Legitimate emails from a service such as PayPal typically include multiple resources for contacting them. This normally consist of an email address, a toll free number and a mailing address. A message that doesn't include any contact information aside from a link should instantly raise a red flag.


PayPal Phishing Conclusion

It's important to remember that a message or website that displays creditable elements could still be part of a phishing scam. You can reduce exposure to this crime by knowing that legitimate services such as PayPal would never request important information via email. If you are not certain whether or not the message is legitimate, visit what you know to be the company's official site and investigate the matter yourself.


Log in or sign up to comment.

Post a comment

Log in or sign up to comment.

A computer crash can occur at anytime and on any computer.

By backing up your files--personal documents, financial records, and digital pictures--you can ensure that you will never loose your precious and irreplaceable information.

There are many ways one can back up a computer: special equipment or online programs, which are becoming increasingly popular, can help you to create a sort of 'insurance policy' for the protection of all of your computer-based data.