This is my third time i have received paypal fraudulent e-mail or phishing scam which are very identical to genuine PayPal e-mail. People trust paypal so much that once they see the paypal logo in the e-mail they start clicking it. I could be one of them too. But thank god for taking Electronic Commerce class at school, where they showed us all types of phishing e-mails that online merchant receives now a days.

Here is a screenshot of the very 1st PayPal scam e-mail i received:

As i said, when people see PayPal logo at the top, they trust the e-mail and hardly notice where the e-mail is coming from and where the link in the e-mail will take them. Since i write blog i get a change to reach a large number of people and I thought this is a good way to let people inform about this scam e-mail.

I received the second e-mail just yesterday, although most of the content from this e-mail were blocked by MSN (the previous one was in my inbox and no content were blocked). Most of the time these type of e-mails will take you to an identical but fake website and ask you to change/update your profile (including login name and password). But remember, NO COMPANY WILL SEND YOU AN E-MAIL TO CHANGE YOUR SENSITIVE PERSONAL INFORMATION LIKE YOUR PASSWORD (this includes your bank, online transaction company like PayPal, your credit card company or any other companies that deals with your money online).

2nd PayPal fraudulent e-mail screenshot:

3rd PayPal phishing scam e-mail: (received today!)

How to know it’s a fraudulent e-mail or a phishing scam?:

• Company usually do not ask their clients to modify or change their sensitive personal information like password or credit card number .
• The senders e-mail is normally NOT associated with your service provider (If you look at the first screenshot, it was send from “mail@support.com” but not paypal.com. But in the 3rd screenshot they used paypal.com e-mail address “notice@paypal.com” although it was NOT send from notice@paypal.com).
• Their reply back e-mail will not be associated with your service provider because in case if the e-mail receiver (you) reply the e-mail for any reason, the real service provider will get to know about the issue and they will trace the scammer down. Therefore they will use a no-reply or a fake reply e-mail address (In 3rd e-mail they actually used “no-reply@paypal.com” which is very rare but it can happen).
• The Link: This is the most important and trickiest because if the cheater can convince you to click on link in the e-mail, they might convince you to fill out a fake form with all your personal information too. So, again be very cautious. None of these fake e-mail link will take you to the real service provider’s website. Either they are going to take you to fill out a form or to a identical but fake website to enter your login name and password. So, before you click on any e-mail link, make sure it’s taking you to the right destination . One way to do that is by checking your status bar (the bottom bar of your browser, where you will see the website address/URL once you bring your mouse over the link).