I often get phishing emails. They don't bother me because I'm aware of them and I'm very careful before clicking on links. Every now and then I get one that catches my attention and I check into it a little further before declaring it as phish. This morning I got one that made my heart beat a little faster and made me quickly check my paypal account. Below is the text of the email.
You have added email@example.com as a new email address for
your PayPal account.
If you did not authorize this change or if you need assistance
with your account, please contact PayPal customer service at:
Thank you for using PayPal!
The PayPal Team
Please do not reply to this e-mail. Mail sent to this address cannot
be answered. For assistance, log in to your PayPal account and choose
the "Help" link in the header of any page.
PROTECT YOUR PASSWORD
NEVER give your password to anyone and ONLY log in at
https://www.paypal.com/. Protect yourself against fraudulent websites
by opening a new web browser (e.g. Internet Explorer or Netscape)
and typing in the PayPal URL every time you log in to your account.
PayPal Email ID PP0018HHIKCSLWEFSWXIRMDXOCHIDSSJDZBRRBYLDHYC
What really scared me about this is that it came to the email account that I have registered with paypal. Most of the phishing emails I get don't come to the address that I have registered with the site in question or if it is the email is so obviously fake that I know it right away. It did't take too much investigation to discover that the link is redirected to somewhere in the Asia/Pacific rim but it still gave a little jump to my blood pressure. I can't imagine what I would have done if I was the typical uninformed user. I hate to think that I would have just opened up my paypal account to joe hacker. Even after confirming that it was a phish I still logged in to paypal to make sure. I still had a sinking feeling that I had been compromised. I need to go take a shower. This makes me feel violated.