I haven’t written a blog article about phishing yet, but last night I received an email that was classically trying to trick people into revealing their PayPal login information. The funniest thing about this particlar phishing attempt, was that they actually mispelled PayPal in the “from” field, spelling it “PayPla”.

First, a vocabulary lesson: Phishing.

Wikipedia defines it as:

phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

Here’s a look at what the email looked like:

Now, if you hover your mouse over the “click here” link, you note that they are attempting to get you to log into http://mail.reboil.com/remote/images/welcome.htm - this is NOT PayPal.

You should never, never login to a website via clicking on a link in an email. It’s much better to type in PayPal.com yourself in your browser so you know you’re headed to PayPal.

If you receive a phishing email like this, you should report it to the actual real company. Here is where to report fake PayPal emails to PayPal.

In fact, PayPal has a whole area on it’s website dedicated to Theff and Fraud Protection.

On it, is a neat “Can You Spot Phishing?” - take the test! You’ll be glad you did.

Now, I went ahead and clicked on the link listed in the email, to see what the website looked like, and was very happy to see this message from my browser (Firefox):

Just for grins, I tried looking at the site in Safari and Internet Explorer, and didn’t see this nifty message - but rather a warning about the security certificate being wrong. I’m impressed with Firefox security!

So be very, very wary about getting emails from companies that have some kind of “hey you better log in to your account right now using this weird link” - if you’re at all suspicous, go directly to the company website and login that way. Many companies, like PayPal, have entire sections of their website dedicated to security and fraud prevention - so you can always ask them what’s up. Better safe than sorry!

This entry was posted on Thursday, December 18th, 2008 at 10:17 am and is filed under the Spam & Scam Watch category. Read other Aldebaran Website Design Blog articles by returning to main blog page. Need a blog added to your website? Click here to read about blog installation services or click here to contact Aldebaran Web Design. You can skip to the end and leave a response. Pinging is currently not allowed.