You know, I rarely get these things because my e-mail filters out almost all spam that I receive. However, since I started using G-Mail as my e-mail service for this blog, I have noticed that a few of my e-mails have been sent to the Spam folder that shouldn’t have gone there. So, I always check my Spam folder just to be sure. In fact, I have been using PayPal a lot recently, and a couple of the PayPal e-mails went to my Spam folder when the should have gone into my inbox. No big deal, I just moved them over into my inbox and I was done with it. The good news is, G-Mail “learns” your settings, so if you click “not spam” or “spam” a few times, it will automatically place the e-mail accordingly.
Well, today I had two PayPal e-mails in my Spam folder, one was legit, and the other was not. The legitimate e-mail was for a payment received, the phishing e-mail was a “Receipt for Your Payment” that I never made. That is what they are counting on. They want you to contest the payment by scrolling down within the e-mail where there is a link titled “Dispute Transaction.” Next to it are the words “Encrypted Link.”
I don’t know for sure, but my guess is the link takes you to a site that looks like PayPal, but has a different URL. There the log-in is designed to harvest your information, probably by giving you an error screen and a message to try back later. By then, your log-in information is long gone and they will sign into your PayPal account with your information and send the contents of your account to their designated bank. Gone. All of it.
At first glance, the e-mail looked legitimate based on the layout, color scheme/pictures, transaction numbers, dollar value, and links. However, upon closer inspection of the details and language of the e-mail, I decided I needed to investigate further. Instead of clicking on any of the links within the e-mail, I logged on to my PayPal account in a separate window. There was no pending transaction for my account. This confirmed my suspicions.
Don’t fall for this scam. If you ever have any doubts, don’t click on any links within the e-mail. Open the website in question in a different window and investigate on your own. That is the safest way to handle it… And you can never be too safe!