Anatomy of a PayPal Phishing Scam email

Let’s take a quick look at the anatomy of a PayPal Phishing Scam email. This is based on the real thing since I received one recently.

Anatomy of a PayPal Phishing Scam email

  1. Overall theme (1st image from the top) looks and feels like the real thing. At one glance, the unsuspecting email recipient will think that the email really came from PayPal.
  2. A closer look at the email sender’s address (2nd image from the top) reveals that the email came from PayPall, not PayPal. Unfortunately, not many email recipients bother to check the details. They will just go straight and read the content or body of email.
  3. Content or body of email (3rd image from the top) invokes a sense of urgency/panic to the email recipient. Who wouldn’t be when their PayPal account has been restricted (limited according to the email)? Unsuspecting email recipients that have lots of money on PayPal will definitely go bonkers after reading this email and they will be more than likely to click on the outgoing link and disclose their passwords to phishing sites.
  4. There is one outgoing link (3rd image from the top) that leads to the phishing site. A few other PayPal Phishing Scam emails that I have received in the past have more!

Lessons to learn

  1. Always take a quick peek at the email sender’s address before doing anything else!
  2. Don’t simply click on outgoing links! Hover your cursor over the outgoing links and see where they will lead you to. If the email is supposed to come from PayPal, the outgoing links should lead you to PayPal, nothing else.
Subscribe via RSS or Email:

Related Posts


Post a Comment

  • Commenters are encouraged to leave comments via OpenID but if you have problems in leaving one via OpenID, please refer to this excellent guide.
  • Comments that add tremendous value to the blog post will not only get approved but also will be personally tweeted (learn how!) by the blogger behind this blog, giving commenters the opportunity to get even more traffic and gain even more exposure to their sites or blogs.
  • Comments that have links in the bodies of comments will never be approved.
  • Preferably comments should be made in English but comments in other languages are also acceptable.