Just a followup to my Medium “Don’t Click On That Link!” Post, here’s an example of a “PayPal” email recently received that is clearly bogus:
At first glance, the email looks legitimate. It comes with the official PayPal logo, has the same format as a typical email from PayPal. Also cites a legitimate merchant in storesupply.com. If you don’t have a PayPal account or haven’t recently purchased anything using PayPal, you would be more than concerned. However, if you look closely, there are several clues which prove this email is a scam.
- Look at the From Address. The email says it’s coming from “firstname.lastname@example.org“. But if you look at the actual address within the < > brackets, it shows the email coming from another domain which clearly has nothing to do with PayPal.
- If this transaction is something you don’t recognize, you would probably be inclined to immediately click on the Dispute this Transaction button, especially if you read the implicit threat of having only 24hrs to “DISPUTE” it. But without clicking on the button, and just hovering over it, you can see in the below address bar the address that the button will take you to. Again, it’s not PayPal.
I will be posting others as I receive them.