I received this ‘phishing’ scam in my inbox this morning. It’s supposed to be from Paypal, and the ‘hook’ is that my account has been limited or suspended. When I looked at the email more closely, however, I noticed that:
- the sender was NOT from Paypal
- the email did NOT address me by name
- and the whole email was funneling me towards the big, blue link you can see below
Seems pretty obvious, right?
Actually, despite having seens hundreds of these scam emails in my time, I still felt a moment of fright when I read this one. Why? Because I use Paypal for most of my online purchases, so the threat of having that service removed hit me where I live.
Unfortunately, that moment of fright is exactly what makes phishing email scams work. The scammers send out millions of these emails at random in the hope that a few will reach people who actually use the service [like me]. Then there is a chance that some of those people will be fooled into clicking the link in the email.
But what happens next?
I haven’t done this personally, but from my research it appears that the link takes you to a website that is made to look exactly like the real thing. Once on the website, you are asked to login with your account ID and password. The fake login will fail, of course, but by then the scammers will have exactly what they want – the account information of another victim.
So never EVER follow a link from an email to a financial account, even if the email looks 100% genuine. Always navigate to the website manually – i.e. by typing in the address in the address bar of your browser or by clicking a ‘Favorite’ that you have set up for yourself. Do not give in to the kneejerk reaction triggered by fright.
I know I harp on about these email scams like a cracked gramophone record [anyone remember them?]
but there are new people coming online every day, and they are at risk from these scammers. Please spread the word when you can.