Have you received an email recently from “PayPal” about improving security? With the huge number of data breaches reported this past year, it might be easy to see how someone could fall for this latest PayPal email scam. The email begins as follows:
“PayPal is constantly working to ensure security by regularly screening the accounts in our system. We recently reviewed your account, and we need more information to help us provide you with secure service. We would like to return your account to regular standing as soon as possible. We apologize for the inconvenience.”
The email I received was a request to update my profile and included a button with the title “Link Now.” The button went to a shortened link. The only reason I can think of that someone would shorten a URL in a button is to obfuscate the final destination. In other words, the link had to lead either to a malware download or to a phishing site.
This email also signals another worrisome trend: scammers have realized that consumers are getting smarter and better at spotting bogus URLs, so they are resorting to concealing their URLs by shortening them.
This particular link used the Bit.ly shortening service. Bit.ly links can be previewed by copying the shortened link, pasting it into your browser’s address bar, and adding a “+” sign right on the end of the link (do not leave a space!). The page that opens will allow you to see the full URL, the traffic to the link, and who shared the link. Other URL shortening services have similar preview options, but each may use slightly different methods.
In this case, the shortened link went to a long URL that began with “paypal.us.profile.update.automatically.” Because it’s the last part of the host name (the labels just to the left of the first “/” after “http://”) that determines the domain being visited, not the words at the beginning, this link is obviously bogus.
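The check described above can be automated once a shortened link has been expanded. The following is an added example, not code from the original post: the sample URL is constructed, with example.net standing in for the rest of the host name that the post does not give, and the small suffix set and the official-domain list are assumptions made for the demo.

```python
from urllib.parse import urlsplit

# Assumption: a tiny stand-in for the Public Suffix List, enough for this demo.
# Real tooling should load the full list from publicsuffix.org.
PUBLIC_SUFFIXES = {"com", "net", "org", "us", "co.uk"}
OFFICIAL = {"paypal.com"}  # assumption: domains treated as genuine for the brand

# Constructed sample: the prefix quoted in the post plus a placeholder domain.
SAMPLE = "http://paypal.us.profile.update.automatically.example.net/login"


def registrable_domain(url):
    """Return the domain that actually receives the request, or None."""
    host = urlsplit(url).hostname  # lowercased, without port or userinfo
    if not host:
        return None
    labels = host.rstrip(".").split(".")
    # Only the right-hand end of the host counts: find the longest known
    # suffix there, then keep exactly one more label to its left.
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:]) if i > 0 else None
    return None  # suffix not covered by the small demo list


def brand_check(url, brand, official_domains):
    """Classify a link that claims to come from `brand`."""
    domain = registrable_domain(url)
    if domain is None:
        return "unknown"
    if domain in official_domains:
        return "official"
    # The brand name appears in the host, but the registrable domain
    # belongs to someone else: the pattern seen in the scam email.
    if brand in urlsplit(url).hostname:
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    for link in (SAMPLE, "https://www.paypal.com/signin"):
        print(registrable_domain(link), brand_check(link, "paypal", OFFICIAL))
```

Note that “paypal.us” at the left of the sample host has no effect on the result, because only the labels at the right-hand end are matched against the suffix list.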
Knowing the various tricks for each of the URL shortening services would be, at a minimum, a daunting task. Fortunately, the folks at longurl.org have decided to simplify the entire process. On their website, you can decipher the full URL of any shortened link. Bravo to the folks behind longurl.org, who have an extremely helpful service.
Terry Odell says
So far, all the PayPal phishing trips have gone to an email address I don’t use for PayPal, so it’s a no-brainer to delete them without opening.
Mary Roya says
It was. I am very cautious when I get emails like that. I usually just delete them and then go to the site using my own saved address, not the one in the email. There I can check to see if I really need to do something. I also get emails from companies I don’t have accounts with, asking me to check my account. Thanks for sharing.