Really convincing phishing attempt?

dandandan
Contributor
Contributor
Posted on
‎Jul-27-2018 11:15 PM

Okay, so I woke up this morning to an email from PayPal saying that my password had been changed while I was asleep! Panic stations! It was from *for some reason I'm not allowed to say but <removed>, mailed by paypal.com and signed by paypal.com! It gave me a number to ring - 08707 <removed>- and Google showed it to be a legitimate number, albeit an old one that I couldn't call off my mobile. So I googled the freephone number, called that, spoke to a robot for 10 minutes, found it to be completely useless, gave up, and decided to try and just log in. So I did, and my old password worked just fine! What the **bleep** is going on here??

Labels:
Login to Me Too
0 Kudos
Login to Reply or Kudo
3 REPLIES 3

kernowlass
Esteemed Advisor
Esteemed Advisor
‎Jul-27-2018 11:51 PM

@dandandan

 

If its a spoof, DO NOT USE ANY LINK.

Firstly if the email/ text addressed you as ''Dear Member'' / ''Customer'' / ''Client'' OR your ''email address'' then that confirms its a spoof as paypal would address you by your full name eg Dear John Smith.

Secondly if there was a link OR attachment in that email to ''cancel'' the transaction or ''confirm'' any details then again it would be a spoof.

If there was a problem with your account paypal would not ask you to click on an unsafe link in an email or by downloading an attachment, they would direct you to log in normally and go to the resolution or the message centre for more information.

More info here >>
https://www.paypal.com/uk/webapps/mpp/phishing


Advice is voluntary.
Kudos / Solution appreciated.
Login to Me Too
0 Kudos
Login to Reply or Kudo

dandandan
Contributor
Contributor
‎Jul-27-2018 11:59 PM
But it gets even stranger there. It addresses me by my full name, and there's no link or attachment in the email; only the legitimate PayPal phone number. I'm starting to think the email wasn't a phishing attempt but was instead sent out in error. If so, this is really shoddy service from PayPal. Nearly gave me a heart attack!
Login to Me Too
0 Kudos
Login to Reply or Kudo

kernowlass
Esteemed Advisor
Esteemed Advisor
‎Jul-28-2018 12:06 AM

@dandandan

 

Try phoning again but this time DO NOT select any options, either stay quiet OR say 'Agent' a few times.

And forward the email to spoof@paypal.com to check it out.


Advice is voluntary.
Kudos / Solution appreciated.
Login to Me Too
0 Kudos
Login to Reply or Kudo

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.