Report of a sophisticated PayPal phishing email doing the rounds

By Dan Wilson June 16, 2016 - 10:02 pm

It hasn’t been possible to verify whether this report of a clever PayPal phishing (fake email with the aim of defrauding) scam is true. But it’s worth sharing in case it comes your way.

But blog My Online Security has reported that a sophisticated PayPal related scam may be doing the rounds. As they say: “I received, what at first glance looked like a “normal” PayPal phishing email. It looked a typical email from a clueless phisher, using one of the phishing kits, with a standard email with a HTML form attachment. OK nothing weird or different, except all the obvious links in the HTML go to genuine PayPal sites.

The phishers are using a hidden JavaScript redirect method to steal the data, while the submit button still shows as going to This is extremely dangerous and very difficult for an average user to defend against and know that they are passing information to a criminal.”

You can read the full post here. And do lets us know if you’ve seen anything similar. And, needless to say, be vigilant as per.

  • Andy R
    1 year ago

    The first point to make is that nobody with any sense would open a link in one these vile phishing emails, under any pretext whatsoever.

    We don’t even answer questions through email, only by going back to the relevant site’s message page and answering from there.

  • Sam O'levski
    1 year ago

    The first thing with any ‘paypal’ email, is to check where it comes from, and as this phishing one is from a ‘godaddy’ account, surely it should be obvious it’s a fake ?
    I clicked on your link to the original article, but didn’t understand all the explanations and analysis of the email content.
    What surprised me was that a serious website felt the need to go into such an explanation, when the origin of the email was godaddy and not paypal – can someone explain why the blog my online security were not wasting their time, and what makes this phishing email so sophisticated when a simple glance at who it was from will make it obvious it doesn’t originate from paypal ?

Recent Comments

7 hours ago
northumbrian: asal cliste penantic...
8 hours ago
PGC: I used to live and breath ebay as a non business seller. Buy stuff, use it,...
9 hours ago
Andy Cornwall: If you sell on marketplaces you need 24/7 cover, Amazon has expected you to reply...
9 hours ago
timo: YOU'RE clearly an English speaker, so getting it wrong 3 times in one short post...
10 hours ago
nobody: So, from a victim's point of view, is even worse than the ransom-ware crackers,...