I got this email referring to a German company for an amount very similar to a recent payment I made on eBay. It really did look right. I’m a bit out of practice with spoofs like this, and I made a couple of mistakes.
The only thing I did right, in fact, was to check my PayPal account. No payments made to that person, the account was OK.
What I did wrong was to click on the disputes link in the email. Luckily for me, IE blocked it instantly as a malicious website, even before my reliable AV got to it.
Hint taken, and wincing from my own stupidity in following a link I already had doubts about, I went back and checked out the sender. Sure enough, it was a “typo” site: service@inc-paypal was the sender. There’s no such thing. The usual PayPal service address is different.
Next step, obviously, was to forward the damn thing to PayPal and tell them the story.
I could have done better in terms of the way I reacted. I was actually thinking “phishing” even before I saw the malicious website notification.
I should have known better. PayPal does provide a lot of advice on these things.
Moral of the story:
1. If you see an unknown payment like this, check your account first, by logging in directly rather than through anything in the email. If the payment really was made, PayPal’s own resolution process gives you plenty of ways to deal with it.
2. Check the sender, meaning the actual address, not just the display name. If it’s not your usual PayPal service address, it’s not to be trusted.
3. Make sure not to click on any links in the email; go to the site directly instead. I’m kicking myself about that.
4. Report it to PayPal, using their address for reporting suspicious emails.
5. Block the sender. That’ll at least get rid of one nuisance.
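The sender and link checks in steps 1 to 3 above can be mechanised. The following is an added example, not code from the original post or from PayPal: it parses a constructed message modelled on the one described (a sender at a lookalike domain and a “disputes” link pointing at that same domain), extracts the real sender address behind the display name, and flags any sender or link host that is not an exact or subdomain match for the trusted domain. The trusted-domain set, the `.example` hostnames and the message text are all assumptions made for the example.

```python
import re
from email import message_from_string
from email.message import Message
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption for this example: the only domain the reader expects
# genuine PayPal mail and links to come from.
TRUSTED_DOMAINS = {"paypal.com"}

# Constructed sample, modelled on the phishing email described in the post.
SAMPLE_EMAIL = """\
From: "PayPal" <service@inc-paypal.example>
To: victim@example.net
Subject: You sent a payment of 149.00 EUR to Muster GmbH
Content-Type: text/html

<p>If you did not authorise this payment,
<a href="http://inc-paypal.example/disputes">open a dispute</a>.</p>
"""


def domain_of_address(header_value: str) -> str:
    """Return the lowercased domain of the address in a From: header.

    parseaddr() discards the display name, so '"PayPal" <x@y>' yields y.
    Returns '' when no address is present.
    """
    _, addr = parseaddr(header_value)
    if "@" not in addr:
        return ""
    return addr.rsplit("@", 1)[1].lower()


def is_trusted_domain(domain: str) -> bool:
    """Exact or proper-subdomain match only.

    'mail.paypal.com' passes; 'inc-paypal.com', 'paypal.com.evil.example'
    and 'paypal-inc.com' do not, because substring matching is exactly
    what typo domains exploit.
    """
    return any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS)


def html_body(msg: Message) -> str:
    """Concatenate all text/html parts, decoded with their declared charset."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            payload = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            chunks.append(payload.decode(charset, errors="replace"))
    return "\n".join(chunks)


def extract_link_hosts(html: str) -> list[str]:
    """Hostnames of every href= in the HTML, lowercased, in document order."""
    hosts = []
    for href in re.findall(r'href=["\']([^"\']+)["\']', html, flags=re.I):
        host = urlparse(href).hostname
        if host:
            hosts.append(host.lower())
    return hosts


def check_email(raw: str) -> dict:
    """Apply the sender and link checks and return the findings."""
    msg = message_from_string(raw)
    sender_domain = domain_of_address(msg.get("From", ""))
    sender_trusted = is_trusted_domain(sender_domain)
    untrusted_links = [h for h in extract_link_hosts(html_body(msg))
                       if not is_trusted_domain(h)]
    suspicious = (not sender_trusted) or bool(untrusted_links)
    return {
        "sender_domain": sender_domain,
        "sender_trusted": sender_trusted,
        "untrusted_link_hosts": untrusted_links,
        "verdict": "suspicious" if suspicious else "no sender/link problems found",
    }


if __name__ == "__main__":
    for key, value in check_email(SAMPLE_EMAIL).items():
        print(f"{key}: {value}")
```

A clean result from this check is not proof of legitimacy (the From: header itself can be forged, which is what SPF, DKIM and DMARC exist to catch), but a failed check is a reliable reason to stop and log in to the real site instead of following anything in the message.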
Just got a confirmation from PayPal that it was a phishing attempt. Yes, I should have known better even in theory, but it really did look that authentic, and I’ve been using PayPal for years.
These typo-based phishing scams are becoming a plague. Anything at all you see that you don’t trust, make sure you do something about it. The only way to put these bastards out of business is to go on the attack any way possible.