Yes, don't click links in emails like that.
Forward suspicious emails (with header attached if you know how to do it) to: spoof@PayPal.com
PayPal sent me this the other day:
Dear Robert Eisenstadt,
Thank you for being a proactive contributor by reporting
suspicious-looking emails to PayPal's Abuse Department. Our security
team is working to identify if the email you forwarded to us is a
malicious email.
Paypal Will Always:
- Address our customers by their first and last name or business name of
their PayPal account
Paypal Will Never:
- Send an email to: "Undisclosed Recipients" or more than one email
address
- Ask you to download a form or file to resolve an issue
- Ask in an email to verify an account using Personal Information such
as Name, Date of Birth, Driver's License, or Address
- Ask in an email to verify an account using Bank Account Information
such as Bank Name, Routing Number, or Bank Account PIN Number
- Ask in an email to verify an account using Credit Card Information
such as Credit Card Number or Type, Expiration Date, ATM PIN Number, or
CVV2 Security Code
- Ask for your full credit card number without displaying the type of
card and the last two digits
- Ask you for your full bank account number without displaying your bank
name, type of account (Checking/Savings) and the last two digits
- Ask you for your security question answers without displaying each
security question you created
- Ask you to ship an item, pay a shipping fee, send a Western Union
Money Transfer, or provide a tracking number before the payment received
is available in your transaction history
READ!
Any time you receive an email about changes to your PayPal account, the
safest way to confirm the email's validity is to log in to your PayPal
account where any of the activity reported in the email will be
available to view. DO NOT USE THE LINKS IN THE EMAIL RECEIVED TO VISIT
THE PAYPAL WEBSITE. Instead, enter www.paypal.com into your browser to
log in to your account.
What is a phishing email?
You may have received an email falsely claiming to be from PayPal or
another known entity. This is called "phishing" because the sender is
"fishing" for your personal data. The goal is to trick you into clicking
through to a fake or "spoofed" website, or into calling a bogus customer
service number where they can collect and steal your sensitive personal
or financial information.
We will carefully review the content reported to us to certify that the
content is legitimate. We will contact you if we need any additional
information for investigating the matter. Please take note to the
security tips provided above as they may help to answer any questions
that you may have about the email you are reporting to us.
Help! I responded to a phishing email!
If you have responded to a phishing email and provided any personal
information, or if you think someone has used your account without
permission, you should immediately change your password and security
questions.
You should also report it to PayPal immediately and we'll help protect
you as much as possible.
1. Open a new browser and type in www.paypal.com.
2. Log in to your PayPal account.
3. Click "Security and Protection" near the top of the page.
4. Click "Identify a problem."
5. Click "I think someone may be using my account without permission."
6. Click "Unauthorized Account Activity."
Thank you for your help making a difference.
Every email counts. By forwarding a suspicious-looking email to
spoof@paypal.com, you have helped keep yourself and others safe from
identity theft.
Thanks,
The PayPal Team
***********************************************************************
Please do not reply to this email. If you need to follow up, please
follow the steps above to access your account and utilize the Contact Us
resources from our site.
***********************************************************************
Robert
|