The PayPal payment service is currently dealing with a wave of phishing emails. The problem with this: The e-mails from the fraudsters look deceptively real and come from the official e-mail address.
In the third quarter, the online payment service PayPal had 432 million active accounts worldwide. Around 5.64 billion transactions were made. For comparison: In the previous year, the number of users was 416 million, an increase of around four percent.
No wonder, then, that scammers are also particularly interested in the payment service. Phishing emails that look deceptively real are currently in circulation, such as Welt first reported.
Why do phishing emails look so real?
Users can often unmask fraudulent emails in one simple step. Because these usually come from dubious e-mail addresses, which you can see at first glance that they cannot be real.
But this is not the case with the phishing wave currently circulating at the popular online payment service. Because the e-mails come directly from the address [email protected], via which users normally also receive notifications.
Sea Welt the e-mails also come directly from the Paypal servers. It is therefore almost impossible to expose them as fake.
The scam behind the PayPal scam
The e-mails, which supposedly come from the online payment service, fool users into believing that they have sent a payment. In an example from Welt “A $479 payment was sent to Coinbase Corporation.”
As the email progresses, customers are then prompted to call the PayPal helpdesk number if they have not initiated that payment.
If this number is actually called, the scammers ask for the password and the security code sent via SMS. This gives them access to the account where they can withdraw money as they please.
How can you still recognize the fake?
A spokesman for the company explained opposite Welt following features to expose the e-mails as fake despite all attempts by the scammers.
The text also contains spelling mistakes, a foreign currency, an apparent urgency and an impersonal (general) form of address.
German Paypal customers can also prick up their ears at another point. So far, the mails have only been written in English.
PayPal has also been using the paypal.de domain for its email traffic in Germany since 2018. So far, however, the mails have all come exclusively from the domain paypal.com.
Also interesting:
Source: https://www.basicthinking.de/blog/2022/12/15/paypal-phishing-mails/