A New Phish?

Not sure if this is new but I’ve not seen it before: A clever new piece of social engineering in a phishing email.

You have added phoneseller@yahoo.com as a new email address for your PayPal account.

If you did not authorize this change or if you need assistance with your account, please contact PayPal customer service at:

https://www.paypal.com/row/wf/f=ap_email

Thank you for using PayPal! The PayPal Team

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the “Help” link in the header of any page.

Of course, viewed in plain txt the address is not PayPal at all, but some Czech corner of the dark web, but the idea that someone may have gotten into your PayPal account and added or changed your email address might just be enough to get you to click on the link without scrutinizing it too carefully.

12. January 2005 by jeremy
Categories: Phishing | Tags: , , , , , , , , | 1 comment

One Comment

  1. My wife got this email a few weeks ago and totally fell for it. Luckily she was just suspicious enough to get me to look at it, but *after* she had followed that link and entered her password. Right away, we went to Paypal(the right way) and changed all of our login/password info before anything bad happened.