Paypal Phishing?

[TromboneAl]

Just got an email saying I've received $200 in Paypal funds from Robert Cooper.

Not expecting any money, and don't know a Robert Cooper.

I assume this is a phishing scheme. There's a link in the email to https://paypal.com/roan https address (paypal.com/ro).
If it's phishing, how is it supposed to work?

 

[CCdaCE]

You enter your paypal login/password (the phishers are assuming you have one). It goes through their script/website instead of the real Paypal site.

Viola. The phishers have your login/pass. and instant access to your funds and can send payments to another account they've set up and tied to their bank account.

Aye. There be scallywags about.

-CC

 

[tgotch]

When in doubt, don't follow the link contained in the email. Go your your account via Internet Explorer or Firefox (or your preferred browser), and log into your account from there. If the funds are there it should be legit. If not, they are phishers as CCdaCE mentioned above.

 

[ERD50]

Plus, just opening the email could confirm that they sent it to a real live email address with real live people opening their email.

One way to avoid this is to turn off any preview features, and turn off automatic loading of images.

Of course, NEVER click a link in an email - go directly to the site addres that you know or have bookmarked originally.

-ERD50

 

[Billy]

Hi Al,

Since we utilize PayPal to accept funds from around the world for the sale of our book, we get phishing emails all the time.

These phishing emails seem to come at us from several points of view.

1) You have unexpectedly received a payment from someone you don't know
2.) You have added an email address to your account, please verify
3.) You have been charged $X for a product you never ordered
4.) There has been activity on your account from an unverified source, please verify
5.) and so on.

#1 point to keep in mind: if the email addresses you as Dear User or Dear PayPal User and not the full name under which you have opened the account (Dear John Jones) -- do not ever click on their links.

If you put your curser on that link, at the bottom of your computer you will see the actual address to which your response will go - and it will not be PayPal.

If you have any doubt whatsoever, simply go to your account and log in as usual, NEVER USING THE LINK PROVIDED IN THE EMAIL -- NO EXCEPTIONS.

Always forward any email that arouses your suspicion to spoof@paypal.com - PayPal keeps track of these phishing sites and will acknowledge your forward.

Fortunately (knock on wood) we have not had any problems and we always forward any suspicious emails, including requests for taking a PayPal survey.

Hope this helps.

Be well,

Akaisha
Author, The Adventurer's Guide to Early Retirement

 

[TromboneAl]

Right. I didn't click the link, but how could the paypal.com/ro address go somewhere other than paypal?

I did check my paypal account via a separate route, and there is no $200 credit.

 

[Achiever51]

Al, I got the same email msg. I forwarded it to Paypal and they confirmed it was bogus.

 

[Billy]

Tgotch

If the funds are there it should be legit. If not, they are phishers as CCdaCE mentioned above

A couple of responses were posted as I was writing my own, and I do want to respond to this one… We have received both charges and funds in our account from sources we don’t know. We keep close tabs on our account -- I report everything that is suspicious.

Once, some years back, we were charged $200 from ‘the Post Office’ in Florida… this was way before our book was published (about 1999?), and our PayPal account was new. I about had a heart attack. I reported the charge to PayPal and explained my position, and they took care of it right away.

If someone is putting money into your account, and you don’t know them, and you aren’t expecting it… red flags should be going up. Report and retreat!

Be well,
Akaisha
Author, The Adventurer’s Guide to Early Retirement

 

[tgotch]

It may appear as a link to paypal.com via your email program.

Depending on what email program you use (e.g. Outlook), If you hover over the link, you can see the actual site of the link lower left hand side of Outlook. It may show something like http://www.theactualphisingsite.paypal.com/

 

[Billy]

Al

Right. I didn't click the link, but how could the paypal.com/ro address go somewhere other than paypal?

If you put your cursor on the link, at the bottom of your computer it will show you the ‘real’ address - where your response will go.

The Phishers are very good at these things. They know how to make the buttons, photos, logos and links look like the real ones. Putting an email address that is different that what the blue line tells you is just like making a link that says RetireEarlyLifestyle but actually leads you to The Drudge Report.

Put your cursor on the above link, and look below at the bottom of your computer. You will see where the link goes.

Be well,
Akaisha
Author, The Adventurer’s Guide to Early Retirement

 

[megacorp-firee]

Thanks for this vital information Akaisha.

 

[Fireup2020]

Always send any "e-mails" from PayPal to their phishing address. I am sure it pisses them off too (they are a legitimate business trying do their thing) I don't even think the real PayPal even sends me e-mail!

 

[Billy]

You are welcome, megacorp.

We get email from PayPal because we subscribe to policy updates and we have a very active account (due to our book sales).

I understand if one is just a ‘regular person’ and doesn’t utilize their account very often, getting mail from PayPal would be rare, or getting phished could be upsetting.

We utilize our Skype account with payment through PayPal. Relatives want me to buy things for them while I’m in Asia and they send me $$ through their PayPal accounts, and I simply mail them the items back to the States (for example) We buy through Amazon or eBay by Paying through PayPal.

We use our account all the time - but I do understand and respect those who are not so digitally inclined, especially with their finances. It’s just that we have been doing this for years.

Be well,
Akaisha
Author, The Adventurer’s Guide to Early Retirement