Congratulations, UD colleagues. You’re starting to catch more and more phishing scams without help from IT or your departmental IT professional!
Today we’ve had multiple reports about this fake PayPal notice:
PayPal is NOT going to send a notice like this to a visible mailing list. Do you know how to recognize this scam?
Just like some of the other scams we’ve seen lately, this one looks good at first, but in about 5 seconds you should be able to tell it’s a scam:
- The large payment amount is supposed to send you into a panic so you just click one of the links in the message to investigate.
- The message is sent to multiple email addresses. And you can see those addresses. Some of the phishing scam boiler rooms have been sending out a lot of phishing spam with this trait. PayPal, American Express, Banks, credit card companies, merchants, and other legitimate entities will never reveal customer email addresses to other customers.
- The links in the message do not go to a valid PayPal site. If you see a message like this one, hover your mouse over a link before you click. See where it goes.
You’re always safest to not click links in a message like this one. If you want to check to see if this is a valid notification, it’s much safer to log into your PayPal account using the standard URL you know and trust.
See a message like this one? Just delete it.