I was surprised yesterday when I received an email from PayPal: “You’ve got a money request”. Wut?
Not Norton 360!
First thought: duh, it’s a scam. But then I checked the email address it came from: service@paypal.com. Also all of the images in the email came from paypal.com. The links in the email went to paypal.com, together with a randomized-looking, presumably unique, long string to identify yours truly. I even checked the message header: yep, it came from paypal.com.
At the bottom of the email was the usual PayPal text, including “Emails from PayPal will always contain your full name.” I looked up to the start of the email text. Ping! Nope, this one had my email address instead of my name, and furthermore, it was an email address that wasn’t linked to my PayPal account.
In other words, the scam was generated by someone with an actual PayPal account hoping that I’d be flummoxed enough to call that number to get the request cancelled, and in doing so reveal my login info to my personal PayPal account.
Nope.
Loading links to posts on similar topics...
2 Responses
#1 Grzegorz Wiktorowski said...
16-Dec-22 10:46 AMI'm just scrolling subscribed blogs and just after your post I moved to:
https://daniel.haxx.se/blog/2022/12/14/idn-is-crazy/
Are you under "IDN homograph attack" ?
#2 julian m bucknall said...
16-Dec-22 6:57 PM@Grzegorz: Ha! I'd read about this before, but doesn't apply to this particular email, since it was Google (I use a GMail account for personal email) that authenticated its provenance. The email headers also show that it came from PayPal, referencing their IP address.
Cheers, Julian
Leave a response
Note: some MarkDown is allowed, but HTML is not. Expand to show what's available.
_emphasis_**strong**[text](url)`IEnumerable`* an item1. an item> Now is the time...Preview of response