Notes on an attempt at phishing.
So this afternoon, I received an email that looked like it was coming from PayPal. The From: field had a PayPal address. The links in the email all started with the right URL.
However, the To: field was to some random address. A mass mailing, perhaps. PayPal contacts me to *my* address, not some random one.
The To: field was the first clue that something was off.
The email said that someone had updated their money request and that they were now asking for $1400 US.
There was also a note, supposedly from the **seller**:
"Don't recognize the seller? Please contact PayPal Support Team immediately at +1(888) 000-0000 (Toll Free). If you have any issues, you can also contact +1(888) 000-0000 (Toll Free). If you do not reach out, we will proceed with the transaction."
(The phone numbers above have been edited.)
Er... what? This could be a note from PayPal, but what seller is going to say "Don't recognize us? Call PayPal!"
I checked the phone numbers, and they are not associated with PayPal.
What's going on here? The email is relatively polished for a scam, and the links might be legit. (No, I did not test them.) Maybe they are hoping that the victim will check online, find nothing, and then call one of the numbers?
I did check online (but not by clicking the links in the email) and PayPal has no knowledge of this transaction. This is where it stops. I'm not calling any numbers.
Stay sharp, folks!