It bugs me to get email spam, but I really get upset when it’s more than just selling the latest in male enhancement products. I’m talking about the emails that try to fool you into thinking your bank account is on the verge of being closed or that someone has hacked into it.
I just received one such email earlier this week. Very cleverly written, it was trying to warn me that suspicious activity was taking place on my PayPal account. At first, I thought, “Oh no!” because I’ve actually been doing some things with my account recently. But then I read on and applied my checklist to spot a scam.
Here’s what the email said:
Dear PayPal Member,
We recently noticed one or more attempts to log into your PayPal account from a foreign IP address.
If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. However if you are the rightful holder of the account, click on the link below to log into the account and follow the instructions.
If you choose not to complete the request, you give us no choice but to suspend your account temporary.
It takes at least 72 hours for the investigation in this case and we strongly recommend you to verify your account at that time.
Thank you for using PayPal!
PayPal Account Review Department
PayPal Email ID PP232
Like I said, pretty sneaky, yet sounds very plausible. But here’s how I determined it was bogus and this is something you can do as well:
- There was no email in the “To:” field. Okay, PayPal knows my email address so they’d have no reason not to use it.
- My name wasn’t used in the greeting.
- They encouraged me to login using the link (I removed it here for safety reasons). But if you’re new to this sort of thing, the next time you get something like this in your email, try rolling your mouse over the link and look at the URL that shows up in the lower left corner of your browser. In my case, they were completely different. This means that just because a link can be displayed to you on screen, doesn’t mean that’s the code behind it. Instant gotcha!
What could have happened had I clicked on the link? I probably would have seen a site looking very much like PayPal. And it might have encouraged me to login to what I thought was PayPal. That would have been bad because the criminals would have then have my login.
Or just as bad, I could have been infected just by visiting the web page. Yes, that’s possible.
So please be careful when you receive this sorts of messages. If in doubt, then contact the company it purports to be directly and ask them to confirm the message.