Consumer Alert: No, your Paypal account has not been compromised. The scam that may land in your inbox
ROCHESTER, N.Y. (WHEC) – We want you to know we’re listening. Many of you have contacted us about a suspicious email landing in your inbox. Recently, I got one as well. I recognized the email immediately because so many viewers have sent it to me. The email urges you to take immediate action because scammers may be using your credit card. The irony, of course, is that the real scammer is the guy who sent you that email.
At first glance, it looks as though the email is from service at Paypal.com. And it has an alarming message. My Paypal account has been restricted because of suspicious activity on a credit card linked to my account. It has a button at the bottom directing me to login to my Paypal account.
Beware. That button is either a phishing attempt or will unleash malware or spyware on my computer. And this email is dangerous. The first clue? The email is generic. It should be addressed to me. The second clue? This scammer isn’t very smart. He sent the scam to dozens of people and didn’t hide the addresses. Paypal would never do that.
Thirdly, the subject line has the letters RE, just before that alleged case number. Of course, that means “reply.” Why would an email directly from Paypal have a reply in the subject line? That’s because this scammer is sending this email to perhaps hundreds or thousands of folks and didn’t bother to fix the subject line.
And lastly, take a look at the real origin of this email. It’s not from service at Paypal.com. It’s actually from firstname.lastname@example.org.
I was able to see the origin of this email by simply hitting reply, but more sophisticated scammers can more effectively spoof an email address, making the email look like it came from someone else. Any mail server can be set up to send from a given domain, like Paypal.com. There are even websites that will let you do that for free. But you can tell where the email really came from by accessing the email header.
Click here for step-by-step instructions on how to view that with each email provided.