I just got an email from PayPal today telling me my access has been limited. That’s funny, PayPal has never done this before. The email looks legit. It is from a PayPal email address and even has a link directly to PayPal’s website… Or at least it seems.
Phishing is when someone misrepresents a company in hopes to gain sensitive information from its users. PayPal phishers try to get PayPal login information so they can exploit accounts. Phishing attacks most commonly attack Banks and financial services.
Let me share some ways you can avoid phishing attacks.
- Check the ‘From’ email address. If you get an email from ebay.com, and the email address is from an eboy.com email address, it is not legitimate.
- Hover over any links and see if the URL goes directly to the correct website. URLs with IP addresses (ie. http://18.104.22.168) are not legitimate. Here’s what I see when I hover over the link from the above email:
- Trust your gut feeling. If you think it is a phishing email, it probably is.
If you are unsure of the legitimacy of an email, you can always contact the company represented by the email and ask them.
If you get a phishing email you should send it to your spam box or delete it. You may also decide to forward it to the phishing department of the misrepresented company. Here are some email addresses to popular sites: email@example.com, firstname.lastname@example.org, email@example.com.
If you are a victim of a phishing attack (you followed a link and gave your information to a phisher), you should do the following:
- Change your password! Directly navigate to the correct website to log in – don’t log in from the phishing link.
- Contact the customer support department and notify them you were a victim of a phishing attack.