** Spoof / Phishing Emails - Tips on how to identify & stay protected **
Due to the increase in Phishing /Spoof Emails being reported to PayPal I thought I would post a few tips on this topic that might help.
You’ll know that an email is not from PayPal when:
- The email uses a generic greeting like ‘Dear user’ or ‘Hello, PayPal member.’ We'll always address you by your first and last name.
- The email requests financial and other personal information. A real email from us will never ask for your bank account number, debit or credit card number etc. Also we'll never ask for your full name, your account password, or the answers to your PayPal security questions in an email.
- The email asks you to provide the tracking number of a dispatched item, before you've received the payment into your PayPal account
- The email includes a software update to install on your computer.
Here are some security tips to help you stay protected online:
- Even if a URL contains the word 'PayPal', it may not be a PayPal webpage.
- When using PayPal, always ensure that the URL address listed at the top of the browser displays as https://www.paypal.com. The 's' in ‘https’ means the website is secure.
- Look for the 'lock' symbol that appears in the address bar. This symbol indicates that the site you are visiting is secure.
If you think you’ve received a phishing email, forward it to firstname.lastname@example.org and then delete the fake email from your mailbox.
Hope this helps,
Fraud & Phishing
Sigh, It's legit.
Raw WHOIS Record
Domain Name: paypal-communication.com Registry Domain ID: 1649488607_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.markmonitor.com Registrar URL: http://www.markmonitor.com Registrant Organization: PayPal Inc. Registrant Street: <removed>, Registrant City: San Jose Registrant State/Province: CA Registrant Postal Code: [removed] Registrant Country: US Registrant Phone: +1.Go to https://www.paypal.com/help and click "Call Us"
That's what I thought, until I received a link towards epl.paypal-communication.com .
After some digging around, that domains is also registered by paypal, but it gave me quite the scare.
So it is legit? Really strange PayPal does this, as I only (tend to) trust 'paypal.com'.
I've just had one of these.
It looks suspicious due to the target URL but has my real name on it which is very unusual for a scam.
The site's SSL certificate is an Extended Validation one issued by DigiCert to "PayPal, Inc. [US]" which would suggest it is actually legitimate but the domain is registered to "Epsilon Data Management" (whereas paypal.co.uk and paypal.com are not) which is suspicious again!
I've sent a help email about it through my account and forwarded the email to email@example.com
I'll update this thread if I get a definitive response.
My complete experiences of trying to get PayPal's opinion on emails with links to epl.paypal-communication.com are summarised here in the following link. I hope it's OK to post it here.
I've given up!
Although we really appreciate you trying to warn our members to be careful, we can not post personal informattion here.
If you receive any of these emails in the future please do let us know. You can also send them to us to firstname.lastname@example.org.
Haven't Found your Answer?
It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.