Today I actually gor a real – yes REAL – email from paypal. Yes thats true – theu are changing the User Agreement and everyone needs to read it so yes there are links in the mail that you need to follow to read it.
But how do I know its from paypal and not another phishing attempts.
Well I see 2 things:
- The first and most important one is that its addressed to me – Dear First-name Last-name. Almost all phishing attempts just say Dear Paypay user as they dont have the database of paypal users and not have the processing time to send-out individual mail – its mostly mass-mailings.
- Secondly its not pretending to so anywhere else. The link is – just click here – not a webaddress that don’t correspond to where it goes.
So this was a real mail.
Just be careful out there.
I find a very good first line of defense is to set my e-mail preference to ‘plain text’ rather than HTML mail that way if the format is wrong it’s obviously spam, then the links re clearly visible so one can inspect where one is being asked to click through to.
Finally of course both E-Bay and PayPal use SPF, so checking the sender is also useful.