cancel
Showing results for 
Search instead for 
Did you mean: 

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
ba296
New Community Member

I believe paypal-communication.com is a domain legitimately owned by Paypal. Can you confirm with your security team?

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
bar-keep
Contributor

Sigh,  It's legit.

 

 

Raw WHOIS Record

Domain Name: paypal-communication.com
Registry Domain ID: 1649488607_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.markmonitor.com
Registrar URL: http://www.markmonitor.com
Registrant Organization: PayPal Inc.
Registrant Street: <removed>, 
Registrant City: San Jose
Registrant State/Province: CA
Registrant Postal Code: ‎[removed]
Registrant Country: US
Registrant Phone: +1.Go to https://www.paypal.com/help and click "Call Us"

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
Cantoris
Contributor

Hi @bar-keep

Have a look here too: /t5/Access-and-security/epl-paypal-communication-com/td-p/1164823

I've had so many PayPal people tell me it's not their domain despite the overwhelming evidence to the contrary.

Doesn't inspire confidence at all...

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
Kapé
Member

@rocqua wrote:

That's what I thought, until I received a link towards epl.paypal-communication.com .
After some digging around, that domains is also registered by paypal, but it gave me quite the scare.



So it is legit? Really strange PayPal does this, as I only (tend to) trust 'paypal.com'.

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
Cantoris
Contributor

I've just had one of these.

It looks suspicious due to the target URL but has my real name on it which is very unusual for a scam.

The site's SSL certificate is an Extended Validation one issued by DigiCert to "PayPal, Inc. [US]" which would suggest it is actually legitimate but the domain is registered to "Epsilon Data Management" (whereas paypal.co.uk and paypal.com are not) which is suspicious again!

 

I've sent a help email about it through my account and forwarded the email to spoof@paypal.co.uk

 

I'll update this thread if I get a definitive response.

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
Cantoris
Contributor
I got a reply from the spoof-reporting email address saying that the URL was "likely fraudulent" - that's not conclusive enough for me! Today, I received another email addressed to me by full name and referencing "policy updates". I tested the link (which was to the same "epl.paypal-communication.com" domain as before) via Sandboxie and it redirected through to a genuine policy updates page at paypal.com. I've emailed PayPal Support again...

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
bar-keep
Contributor

Thank you for your persistence.  

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
Cantoris
Contributor

My complete experiences of trying to get PayPal's opinion on emails with links to epl.paypal-communication.com are summarised here in the following link.  I hope it's OK to post it here.

 

https://cantoriscomputing.wordpress.com/2017/03/04/paypals-emails-encourage-dangerous-habits/

 

I've given up!

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
Artiominas
Contributor

Do not trust buyer!!!

 

Post edited to comply with forum guidelines, personal information cannot be posted 

** Spoof / Phishing Emails - Tips on how to identify & stay protected **

Options
PayPal_paula
Moderator

Hi Artiominas, 

 

Although we really appreciate you trying to warn our members to be careful, we can not post personal informattion here. 

 

If you receive any of these emails in the future please do let us know. You can also send them to us to spoof@paypal.com. 

 

Thanks 

Paula 

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.