PayPal Phishing Email and Fake Website

PayPal Phishing Site Looks Like An Exact Copy

A new, very well done PayPal phishing email and fake PayPal site are presently in circulation, and they look incredibly legitimate, but make no mistake – their fakes designed to steal your personal info.

First reported to us by an IT professional who was almost duped himself, we’re sharing this to help keep you safe from these online predators.

This personal identity theft scam starts with a very legitimate looking email in your inbox. Here is an image of what it looks like.

screenshot of PayPal phishing email

Note that the usual telltale signs of a phishing email are absent from this well done fake – no slightly off company name, no awkward client greeting, poor grammar, or an overseas address. Can you see yourself clicking through on the Log In Now button?

If you were to click through, you would be taken to the incredibly real looking website.  Check out the real and fake PayPal websites below.

Which One Is The Real Vs The Fake PayPal Website?

Can you tell which is which?

Screenshot of the real aPayPal website

Screenshot of a fake PayPal phishing website

 

Pretty tough to tell, isn’t it? They look very nearly identical.

If you subscribe to our newsletter, you might be in the practice of checking the url of websites you visit if you doubt their legitimacy.  In this case, you would have noticed the URL is fishy, and that would have been your tip off that this site is a dirty, tricky fake trying to steal your ID.

As a fun test,  I decided to see how well I could fake a website.  I found a website that I love the aesthetics of (may as well make this test fun), and I copied it.  Now, I don’t have permission from the original site owner to display the two side by side, but suffice it to say, I nailed it.  And it only took about an hour.  Think about that.  An hour to throw up an identical website.  And I have only beginner level web design skills.  The lesson here is to be ever more diligent because digital forgery, phishing and dupery is becoming increasingly easier to pull off.

What To Do With This Information

1. If you received this PayPal phishing email, clicked through and “updated” your info on the fake site, you may recall that one of the required fields was your social insurance number (SIN).  If you gave out your SIN, you need to contact the Canadian Anti-Fraud Centre now.  Here is a direct link to their site on how to report a fraud.

2. Share this blog post with friends to help keep your people safe.

3. Share this blog post on your own social media channels, because sharing good, valuable information increases your own credibility.

Until next time, stay safe online!

Sharing is good.