Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 165 - November, 2013 (1st Edition) - Page 6

PayPal 'ASDA Stores Order' Phishing Scam

Issue 165 Start Menu

Previous Article            Next Article

Outline
Email purporting to be from PayPal claims that the recipient has submitted an order for 59.99 GBP to Asda Stores.

Caution email fraud

© Depositphotos.com/ sangoiri



Brief Analysis
The message is not from PayPal. It is a phishing scam designed to steal personal and financial information from recipients.

Bookmark and Share
Example

Subject: You submitted an order amounting of 59.99 GBP to Asda Stores Limited

Thanks for using PayPal. Please note that this is not a charge. Your account will
be charged when the merchant processes your payment. You may receive multiple emails as  the merchant processes your order.

Your funds will be transferred when the merchant processes your payment. Any money in your PayPal account at that time will be used before any other payment source.

View the details of this transaction online

PayPal ASDA


Detailed Analysis


This message, which purports to be from online payment service PayPal, claims that the recipient has submitted an order of 59.99 GPP to Asda Stores Limited. The message, which closely emulates the style and formatting of a typical PayPal transaction notification email, invites recipients to click a link to view transaction details online.

The email is not from PayPal and the order details listed in the message are invalid. In fact, the message is a phishing scam that attempts to trick recipients into sending personal and financial information to Internet criminals.

The scammers hope that at least some recipients, panicked into believing that unauthorised transactions have been made via their PayPal account, will click the link seeking further information.

Those who do click the link will be taken to a fake PayPal website. The site runs a script that makes it appear that the visitor has been automatically logged into his or her PayPal account.

Once "logged in", the user will be presented with a fake form that asks for credit card details as well as contact and other personal information. When the user clicks "Submit" on the fake form, a "credit card is now secure" message will be displayed and the site will automatically redirect to the genuine PayPal website.

Meanwhile, the criminals can collect all of the information submitted via the fake form and use it to commit credit card fraud and identity theft.

PayPal customers are almost continually targeted by phishing scammers. When sending emails, PayPal will ALWAYS address you by name, never "Dear Customer" or other generic greetings.  Be wary of any PayPal email that claims that you must click a link to verify a payment or update account details.

It is always safest to login to your PayPal account by entering the address into your browser's address bar rather than by clicking a link in an email.

You can report PayPal phishing scam emails that you receive via the reporting email address listed on the company's website.

Bookmark and Share

Last updated: October 23, 2013
First published: October 23, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
Skype TopUp Payment PayPal Phishing Scam
Send hoax emails to phishing@paypal.com.au



Previous Article            Next Article

Issue 165 Start Menu

Pages in this issue:
  1. Instant Noodles do NOT contain a Wax Coating That Causes Cancer
  2. Stephen Harper Inflammatory 'First Nations' Tweet Exposed as a Hoax
  3. Inaccurate 'Now Hiring' Toll Free Phone Number Message Still Circulating
  4. Celine Dion Death Hoax Points To Rogue App
  5. Chevrolet Camaro Giveaway Like-Farming Scam
  6. PayPal 'ASDA Stores Order' Phishing Scam
  7. Amy Hamilton Missing Child Hoax
  8. Will Smith Facebook Death Post Leads to Rogue App
  9. Orange 'Account Notification' Phishing Scam
  10. Ford Mustang Giveaway Facebook Like-Farming Scam
  11. Facebook Donations For Sharing Hoax - 'Burned Baby Alexandra'
  12. Kik Messenger 'Over Usage Of Names' Forwarding Hoax