Have you received an email from a payment service that looks like this?
At a glance, it looks like a legitimate email containing an invoice. However, a closer look will uncover a host of discrepancies that reveal this email to be a real phishing attempt received by someone here at OptfinITy.
These discrepancies are not ones that a legitimate and trusted payment service like PayPal would include on an email invoice. Here are some of the red flags within this email and things you should look out for before clicking on any email containing financial information:
Red Flags to Watch Out For
- Check if it was sent to right account
- Though the person who received this email has been anonymized, that person received this invoice on an email account different than the one linked to their PayPal account.
- Check names
- This invoice lists the recipient as Patric Smith, even though Mike Duncombe is initially listed as the invoice sender. Neither of these names are the name of the account holder that received this invoice.
- Check for spelling and formatting errors
- The phone number listed is incorrect
- A quick Google search will reveal that PayPal’s customer service number is not the one listed within the email, but rather +1 (888) 221-1161
What Are Next Steps?
Most reputable payment processors have channels through which you can report phishing emails. If you believe you’ve received a phishing email from an entity claiming to be PayPal, forward the entire email to spoof@paypal.com, and do not alter the subject line or forward the message as an attachment. After that, delete the suspicious email. PayPal will investigate the email and let you know their findings.
Did you know that we provide phishing test services? If you’d like to test yourself and your employees and gage how susceptible your organization is to fraudulent messages, you can reach out to us at info@OptfinITy.com.
Leave a Reply