Good PayPal Phishing Email

[rcjordan]

The email advised that a new address had been added.  Just yesterday, I'd purchased $375 from Aliexpress (China) using PayPal checkout, so a red flag dropped.  It used a well-done copy of a PayPal format email, complete with graphics  ...but a few graphics did not render (red flag #2).

Here's the kicker; the return email address was to PayPal. 

....But closer mouseover inspection showed another .edu address in the cc or bcc.  Aha!!

I went directly to my account.  It checked out. No changes had been made.

Satisfied that it was a phishing attempt I decided to send a copy to the PayPal email address used.  I immediately received an auto-reply which stated that the address was no longer in use.  Aha#2!!  The phishers were using a discontinued email address in order to get around the usual mouseover check.

I do not think the average user would have checked past the return address being to PayPal.

+
George Carlin — 'Think of how stupid the average person is, and realize half of them are stupider than that.'

[ergophobe]

They are getting quite sophisticated.

I think I mentioned that after a trip to the Bay Area I got a text about an unpaid toll. I assume they are running some sort of geofenced ad campaign that lets them grab phone numbers that pass near toll stations. I had never gotten one before, but got that one the day after crossing through a toll plaza.

In that case, I do sort of wonder... it seems like someone with mad skills like that could make more money in a legit business than as a grifter, but I guess the Carlin quote comes into play - there's a lot of money in scams.