I've been referring to these as Phishy Invoices 😋 Almost all of them have been related to Domain renewals. What I do find interesting is the Phishes roughly coincide with my actual renewal dates. I infer from this, the fraudsters generating these Phishy's have: Access to Domain expiration dates, Who owns the Domain (e.g email contact and probably Domain Registry. E.g. GoDaddy), and A PayPal account to generate the Phishy Invoices. It's one thing to generate a Phishy email. Another to have the email generated from PayPal due to an Invoice coming in requesting payment. The fraudsters are pretty good ... except they can't forge the correct vendors where I do pay on invoice vs. pay from a website transaction. I'd state the details I have of the fraudsters from my Phishy Invoices but I see a PayPal moderator removes those from posts. /psr
... View more