The email below (in German) is from PayPal. It is not a phishing email or a spam email pointing to some online pharmacy.
I assure you of this. I have verified the DKIM and SPF information in the headers, checked all headers of any trace of alteration and of any trace of foreign IP address or domain.
It is also very correct: it informs me that my credit card behind the PayPal account is about to expire. It asks me to update the credit card by clicking on the yellow button.
At this point, I am without words. I would have never expected to receive something like this from PayPal.
Their suggestions to detect phishing and to report phishing are here: https://www.paypal.com/us/webapps/mpp/security/suspicious-activity
Phishing and spoof emails aim to obtain your secure information, passwords, or account numbers. These emails use deceptive means to try and trick you, like forging the sender’s address. Often, they ask for the reader to reply, call a phone number, or click on a weblink to steal personal information. If you receive a suspicious email, FORWARD it to email@example.com. Our security experts can take a look to determine if it’s a fake. If it is, we’ll get the source of the email shut down as quickly as possible. Reporting these emails helps protect yourself and everyone else, too.
There are some hints about identifying scam email below, but it’s often difficult to be sure if something is real or fake since scammers adjust their tactics. So, if you have the slightest doubt, send it to our experts for investigation.
As a good user, I have sent them the entire email to firstname.lastname@example.org
How should they do things right?
They must not add any kind of link in the email on which the user should click.
They must ask the user to go to their website, login and change the data in the profile.
But nothing more than this.
I have canceled that account.
I wrote to PayPal and I am waiting for their answer.
If I don’t receive any or I don’t like it, I will consider erasing my main account which I have since 2004.
© Copyright 2015 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity
Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch