'New login to paypal' email, is this legitimate or a phishing scam?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I received the email below this morning showing a login from a computer I don't recognize.
Is this a legitimate email from paypal?
Is '<removed>' a legitimate Paypal email address?
Thus was someone actually able to successfully login to my account?
Here is a copy/paste of the email:
|
|
|||||||||||||||||||||
|
|
|
|||||||||||||||||||
|
|
|
|
|
|
|
|
|
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't have an answer but received the identical email. It seems real. I changed all my login and added 2 step verification, which I thought I already had on. Did you check your activity settings?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I received an email this morning of the exact same format. Spam/Phishing emails are usually easy to identify but this has me wondering. First, according to whatever live.com does to check legit addresses, it came through as a safe sender i.e. service"at"paypal.com . Usually when it is spoofed, it has a malicious "reply to" address and doesn't even make it past the spam folder. Second, my real name is at the top of the email. Usually malicious emails will have "Dear customer" or something generic because all an attacker has is the email and not your other account info. Third, the city/state where the login supposedly came from is somewhere I actually traveled to in the last several months (but did not use paypal). Fourth, the link leads to an actual paypal.com password reset page.
But here is the thing, when logging into paypal directly through their page (not using any links) I get my usual interface, no activity, no warnings, and I could not for the life of me find any way to look at previous login activity. Seems like something would be there (or should) so people can check for this kind of activity. Many (most) other services have this, even if it is just a "last login" kind of thing with date/time/location.
Adding to the confusion, previous emails from paypal have referred to both my business name and my real name at different times so I cannot tell if this is real, or if it is simply a situation where someone has my name and my email and is using them together for a more sophisticated attack. Given how many times my personal information has been compromised in security breaches over the last 10 years, I have occasionally been targeted. But geez I gotta say, for every person out there smart enough to pull of an attack, they can never never ever seem to get grammar or formatting correct and their emails are easy to spot. As far as this email, I cannot tell. Other than missing a space after the comma of the city, state location, there are no obvious typos.
At cursory glance, it appears to be legit, but without having a way to verify through Paypal directly i.e. no obvious indications or tools on your account dashboard to audit your security, it should be considered as part of a more sophisticated attack and looked into. Of course the password change and 2-factor authentication is a good idea.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Haven't Found your Answer?
It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.
- Legitimate company? in PayPal Basics Archives
- Two of my transactions are held due to unauthorized transaction in My Money Archives
- Helping Prevent Falling For Fake Paypal Phishing Emails in PayPal Basics Archives
- List funds in Payments Archives
- Is this email legitimate? in Products and Services Archives