- slide 1 of 4
Phishing scams are a major nuisance that involve crooks trying to steal personal data that includes everything from your bank account information to your MySpace password. It’s scary how well these scams work, and how easily so many people fall for them.
What is Phishing?
No, it has nothing to do with the band Phish. Instead, phishing is when you trick someone into telling you their password or other information. The reason may be to steal the money out of someone’s bank account, get into their email, and so on. One of the most common phishing scams involves people trying to steal PayPal login information.
- slide 2 of 4
PayPal Phishing - How it Works
You get an email that looks like it is from PayPal, and it says there is some problem with your account that you must address immediately, otherwise your account will be shut down. There’s always a sense of urgency around these phishing scams. The email will include a link to a website that looks just like PayPal’s site. On this website, it will have a login screen and you are required to enter your username and password. After that, it may just direct you to the real PayPal site.
What has really happened is that you just gave somebody your PayPal login and password, and now they can log in and send themselves your money to their account. The same principle works for online banking accounts, too. I’ve even had text messages on my phone claiming I needed to call some phone number to give them my information in order to keep my account from being closed. It was for a bank where I didn’t even have an account!
- slide 3 of 4
How to Identify a PayPal Phishing Scam
The first big hint is if you don’t even have a PayPal account, or an account at one of the many banks that these crooks try to hit. Another telling factor is grammar and spelling in the email. Many of the people running these online phishing scams are from overseas and they may not speak English all that well, so it’s quite common to find numerous misspelled words and grammatical errors in the emails they send.
Another telling factor is that the website may not show the correct URL at the top of the screen. For example, it’ll have a bunch of numbers (197.123…) instead of www.PayPal.com. Also, your PayPal or online banking site should be secured, and the address will begin with https instead of just http. The people putting up the phishing sites won’t bother to secure it, and that should be a dead giveaway. As a general rule, you should never provide any kind of money-related info on a web form that isn’t on a secured page.
Phishing scams can work via email or even over the phone. If you get a call from someone saying you won a lottery and they want your bank account info to deposit the money, just hang up. If you get any kind of call saying you won a prize and need only provide any kind of personal info for ‘verification purposes’, you might be getting phished.
- slide 4 of 4
Reporting PayPal Phishing Scams
You can report them to PayPal or the bank, but those sites tend to go down as quickly as they go up. Often times you’ll get the email and click on the link, only to find that the site is no longer available. The sad thing is that if only one person responds before the site is taken down, then the scammers made a profit. If you do recognize that the email is a scam, the best thing for you to do is delete it. Don’t reply back with threats or taunts, no matter how much you may feel inclined to do so. Just ignore the message and delete the rest that will inevitably come in the future.