Note: “Please do not follow the links on this article”
Today I got an email from Paypal that someone had tried to access my paypal account from a foreign location and I should login to verify that I was the original user of the account and all my resources were in tact. Here’s an excerpt from the mail:
Subject: Notification from Billing Department
Date: Mon, 24 Sep 2007 17:44:44 -0500
“We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address.
If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. However if you are the rightful holder of the account,click on the link below to log into the account and follow the instructions.
If you choose not to complete the request, you give us no choice but to suspend your account temporary.
It takes at least 72 hours for the investigation in this case and we strongly recommend you to verify your account at that time.”
I got suspected and immediately followed the link to see if there was a problem with my account. I was just about to login when I sensed something odd in the webpage. I investigated and saw that this site didn’t look like the original paypal site. To my surprise, it was one of those scam sites. It’s URL was not of paypal. The URL was like this:
The favicon of the scam site was also different from the original paypal site.
So they are not real. They are only there to deceive the user.
And the most important thing is that the scam site does not use HTTPS while the original paypal site always uses HTTPS for security.
Please be aware of these types of scams. They will only hurt you in ways you’ll never notice. Always be sure about the source of the website you’re opening. Always keep an eye on the URL and the inside links of the login page. And see the webpages deeply as scams have slightly different layouts than the original websites.