Featured photo is PayPal’s logo, which is in the public domain.
Good morning, knotty crew. After a day of reflection, I’m back with some new content. In the past 24 hours, I see there’s been yet another mass shooting. And the anti-abortion wars continue to rage in my homeland, putting more and more women at risk. I could write about either of those topics today. I could have written about them yesterday, too. I just don’t want to… I need a break from both of those subjects.
So… today, I wish to air a grievance I have regarding PayPal scammers and phishers. Now… to my knowledge, I have not yet actually been victimized by these criminals. However, I have to admit, their tactics are becoming scarier, as they now send their fraudulent emails from what appears to be an actual PayPal address. Yesterday, I got three emails from these fuckers. I reported all three, not that it will do any good.
I knew this email was bullshit, because I rarely use PayPal to pay for things. Also, while I think Bill might have an Acer computer, I am a confirmed Apple user. I never would have bought anything like this. But the biggest clue that this email is fake is that it doesn’t address me by name. It comes from a site I’ve never heard of, and would never use. Obviously, the folks who are sending this shit are hoping people will panic and call them, so they can try to talk the victims into allowing them to remotely install keystroke trackers and wipe out their money.
I don’t keep money in my PayPal account, but I know some people use it as a sort of bank. I mainly only use PayPal when I can’t use my credit cards, which are US issued. Sometimes European vendors can’t accept them or don’t allow for me to enter my US billing address. PayPal comes in handy in those situations. I almost never receive money through PayPal.
I usually just trash these emails as a matter of course, but yesterday, I decided to look carefully at the sender’s address. I was surprised to see that it came from a legitimate PayPal address. And, unlike other phishing emails, this one didn’t have any obvious tip offs that it was fake. There weren’t any glaring misspellings or design flaws that would arouse suspicion in the savvy. It also came to the email address I use for my PayPal dealings.
I logged into my PayPal account and checked my recent transactions, just to make sure there weren’t any pending charges. I was relieved to find that there wasn’t any recent activity indicating that something was amiss. Other people who have reported about this particular email scam have said that they did find invoices pending in their accounts. Some of them panicked, called the fake call center, and got taken to the cleaners.
Even though I knew the emails I got were fake, I decided to do some cursory research to see what the Internet was reporting about this scam. I found quite a few articles from cybersecurity firms explaining these surprisingly realistic looking phishing attempts. The open invitation to call a phone number to cancel the transaction is a big clue. Why would PayPal openly admit that the invoice might be fake, and actually INVITE people to call them? It doesn’t exactly promote confidence in their product.
Some reporters wrote that when they called the number, it was answered on the first ring. The person who answered was clearly not in a call center in California, as they could hear traffic and people in the background. The person also had a very strong accent that indicated that English wasn’t their first language, although granted, a lot of companies do have call centers abroad. But mainly, the fact that the phone was answered on the first ring was a major red flag. PayPal never answers on the first ring.
It’s infuriating that these crooks are using legitimate businesses to perpetrate their crimes. PayPal allows users to invoice each other, which is why these creeps can take advantage of the official email address. The fact that the emails come from PayPal make it pretty much a sure bet that the emails will get through the spam filters. Even though I know I didn’t buy an Acer computer through PayPal, there are other people out there who aren’t that astute. A lot of people have been victimized through these scams, which only encourages the lowlifes to continue their criminal activities.
So what is a person to do if they get one of these emails? Frankly, I say if you know you didn’t buy anything, just send the email to the round file. Check your PayPal account, and if there is anything in your transaction history that shouldn’t be there and you feel you must speak to someone about it, call PayPal using a number on the actual Web site. Do NOT call the number on the email, which will probably be answered by scammers in a fake call center. Do NOT pay any invoice that you don’t recognize. Remember that an invoice is just a request for money. You don’t have to pay for things you never bought.
Always examine the emails very carefully before you take action. Look for clues that any PayPal emails you receive are fake, like misspellings, poor grammar, or graphics that aren’t quite right. If the email doesn’t address you by name, it’s probably fake. I shouldn’t have to state this, but don’t click on any links in a suspicious email. And again– don’t call the phone number, unless you just want to fuck with the scammers. I realize that some people do enjoy that kind of thing, but the whole point of these scam emails is to get you to call so they can talk you into downloading their remote viewing software. Sure, they’d like it if you just paid the invoice, but that’s not their goal. They want your information so they can clean out your bank account and rip off your identity.
If you want more information about this, have a look at YouTube. Lots of people have made videos and some have actually gone much further than I’d bother/dare to, just so they can show you exactly what the scammers do.
I just now decided to change my PayPal password, just to be safe. Interestingly enough, it was easy to do that on my computer. However, when I tried doing it with my iPad, I had to go through a total rigamarole, to include answering security questions that weren’t very clear, and entering a security code sent to my alternate email address. Even after going through two or three checks, there was still another. I finally clicked off the page and tried the password I so easily changed on my computer. It worked.
Of the three videos, I think the second one is probably the best. The third one is probably the most entertaining. The first one is especially good if you like bald Brits. And below is an entertaining video featuring a guy who enjoys scamming the scammers.
Anyway, I didn’t fall for the scam. I hope you won’t either.
In other news…
Bill and I are in the preliminary stages of planning our big vacation. I’m not sure where we’re going yet, but I do know it’ll be in June.