PayPal Phishing emails

Phishing emails, in which the sender pretends to be someone he isn’t (aka spoofing) are nothing new and I receive eBay spoofs usually several times per day. But until this morning, never a PayPal spoof.

Here’s what the cat dragged in today:

Subject: PayPal Security Measures


We are contacting you to remind you that: on 05 May 2005 our Account Review Team identified some unusual activity in your account, one or more attempts to log in to your PayPal account from a foreign IP address.

(follows a list of bogus IPs from Romania and Poland)


In accordance with PayPal's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. To secure your account and quickly restore full access, we may require some additional information from you.
To securely confirm your PayPal information please go directly to (link deleted) log in to your PayPal account and perform the steps necessary to restore your account access as soon as possible or click on the link bellow:

As far as forgeries go, this one was almost word perfect, including the fake sender address paypal@paypal.com.

When in doubt, forward the entire email to spoof@paypal.com. They usually respond within the hour, confirming that the suspect email did indeed not originate from PayPal.

A universal telltale sign of spoofing is the request for Credit Card information: that’s what phishing is all about…

Keywords: phishing email