[andyk]

I received a phishing Email a few days ago that was so good it almost fooled me. It was made to look like it was from Paypal and said I had authorized a large payment. Every link in the Email was to the actual Paypal site, for things like unsubscribe, except for one to click if the authorization was not from me. Even that link showed a fake Paypal address, but hovering over it showed a different destination.

I decided to switch from the free but unsupported Windows Live Mail to Outlook from Office 365 which is supposed to be able to detect this type of differing link and warn me. I already had Mailwasher as a pre-scanner but it failed to detect it.

I wonder what others are doing for protection with the phishing getting better and better, and more sites getting hacked.

 

[ALSto]

You should forward your mail to [email protected]aypal.com.

Not much you can to prevent except frankly read the mail carefully and shift-delete to expunge from your system.

 

[ExDilbert]

The only thing that is 100% foolproof is to never, ever click on a link or file in an email. Things like PayPal scams are usually easy to spot. The from address is usually something other than the real PayPal address. Sometimes its a letter off or jumbled in some way.

 

[Inglewood]

If you think that your PayPal, or any other account for that matter has been compromised, never click the links in the email.

You can always open a window to connect to the real website and log in, or contact your bank/PayPal/etc. by phone to confirm.

I've had my credit card/debit card info stolen a few times in the last few years and all you get is a message from your bank saying your card won't work anymore and a new one is in the mail. They never ask for you to log into anywhere, or provide any personal information/passwords.

The most I have ever been asked was what charges were mine and what were not mine when a credit card of mine was copied in the U.S. and various charges overlapped.

 

[JamesK]

Is it phishing season already?

Every link in the Email was to the actual Paypal site, for things like unsubscribe, except for one to click if the authorization was not from me. Even that link showed a fake Paypal address, but hovering over it showed a different destination.

I always use the hover technique, if I'm the least bit suspicious.

 

[Inglewood]

The IT department where I work sends out phishing emails all the time - and then has to have talks with employees who click on them.

The one manager who has to talk to people is a friend of mine, and he can't believe how many people are willing to give information for "free stuff", and how many people do it over and over and over again.

They are fairly blatant as well - such as providing company courier information (such as a UPS login, password, account) to get a free iPad.

I always wonder how many phishing emails work, and how many people are embarrassed to report them.

I saw a story this week on CHCH where police in Ontario are warning men that some woman is contacting them in the middle of the night to have an "intimate personal videochat" and then the woman part way through quickly puts back on her clothing and threatens to send a video to the man's Facebook contacts if they don't send her $1500. She even names several names that the victim knows. Found this scam hilarious.....

 

[ExDilbert]

There is a free iPhone scam going around now. The catch is you must provide your personal information, a credit card number and pay $1 to get the phone shipped. The fine print suggests that you may not win the free phone, but doesn't specify the consequences. No thanks.

I've had my credit card number stolen from an a giant online retailer, legitimate Canadian business and probably several online retailers. The giant retailer caught the phony charges right away and it was only ever used on their site (it was their card.) Another card was only used once and the card company called about some unusual charges two days later so I know exactly who it was stolen from, a popular Canadian TPIA. In both cases, the phony charges were to a travel agency.

Another popular scam is to get hold of someone's card number and use it to purchase a Netflix subscription. I've had that happen with two cards. One card had two charges for two accounts in a single month. Don't know why the card company didn't catch that one.

I always use PayPal for Netflix and online retailers. It probably isn't 100% foolproof but I haven't had a serious problem yet. PayPal makes it easier to deal with retailers that automatically sign you up for subscriptions after a single purchase. That's easy to resolve by checking for subscriptions on the PayPal site and cancelling them.

I've been getting internet related phishing mails and phishing emails for going on 25 years. I've been fooled once but realized it within 5 minutes then called the card company immediately and had it replaced. PayPal scams seem to be the most popular. It's usually something like entering credit card information to verify the account or receive a payment. I get get several a week from the same sources every week. That's been going on for years. They usually end up in the spam folder automatically.

My rules for PayPal and banking sites,
1. Never click on an email link or unexpected browser pop-up link to reach the site.
2. Always open the site using a trusted password manager.
3. Don't type the address into a browser. Common misspellings can end up on a scam site.

 

[andyk]

Just received one from my cousin. They spoofed his name but the work email address was a made up name ending in .fr . He says he has been getting similar emails from his friends.

 

[tenena]

I never click links from any email. And before clicking anything, I make sure to hover on the link first and see if it redirects to a legit website.

 

[17671]

Same here. Surprisingly I am very cautious with my email, I probably get a max of 8 to 10 spams in a year, yes that is very low. I have had this email for a long time, its never been compromised, but a few of my email contacts have probably been compromised. The spammers probably have my email address from their contacts / address book and send out spams, but the email is disguised and its not coming from them, but the name and even the signature looks like them. If i don't trust it, it goes in the trash and i report it as spam so it alerts microsoft hotmail/outlook about this and gives a warning to other recipients. pretty cool feature

 

[NeilN]

I probably get a max of 8 to 10 spams in a year, yes that is very low.

Have you checked the spam/junk folders on whatever mail service you use and the spam/junk folder in the client software (if you use a client that does its own spam checks)? Not seeing spam emails in your inbox does not mean you aren't being sent them.

 

[17671]

of course i check the spam folder. that is usually where my spam ends up. hotmail does a good job of catching spam. 8 out of 10 times. the other 2 usually end up in my general inbox and i manually mark it as spam

 

[timlocke]

I check the full message headers on any email supposedly from a financial body I might deal with. That is usually where the phishers get it wrong.


Sent from my iPad using Tapatalk