Posted by - May 04, 2022

Have you received an email from a payment service that looks like this? At a glance, it looks like a legitimate email containing an invoice. However, a closer look will uncover a host of discrepancies that reveal this email to be a real phishing attempt received by someone here at OptfinITy. These discrepancies are not ones that a legitimate and trusted payment service like PayPal would include on an email invoice. Here are some of the red flags within this email and things you should look out for before clicking on any email containing financial information:


Red Flags:

  1. Check if it was sent to right account
    • Though the person who received this email has been anonymized, that person received this invoice on an email account different than the one linked to their PayPal account.
  2. Check names
    • This invoice lists the recipient as Patric Smith, even though Mike Duncombe is initially listed as the invoice sender. Neither of these names are the name of the account holder that received this invoice.
  3. Check for spelling and formatting errors
    1. In the first paragraph, there is random capitalization that doesn’t make sense in the context of the paragraph: “…checkout and enjoy No Interest if paid in full…”
    2. In the second paragraph, PayPal is incorrectly formatted as “pay pal”
    3. In the second paragraph, there is a space in between the period that separates the dollar amount and the and cents: “$499 . 30”
    4. In the second paragraph, there is a space after the word that is meant to end the sentence: “…from your bank account . We are there…”
    5. That sentence itself is an incomplete sentence: “Same amount has been debited from your bank account . We are there…”
  4. The phone number listed is incorrect
    • A quick Google search will reveal that PayPal’s customer service number is not the one listed within the email, but rather +1 (888) 221-1161

Most reputable payment processors have channels through which you can report phishing emails. If you believe you’ve received a phishing email from an entity claiming to be PayPal, forward the entire email to, and do not alter the subject line or forward the message as an attachment. After that, delete the suspicious email. PayPal will investigate the email and let you know their findings.

Did you know that we provide phishing test services? If you’d like to test yourself and your employees and gage how susceptible your organization is to fraudulent messages, you can reach out to us at

Leave a Reply

Your email address will not be published. Required fields are marked *