Chapter in this post:
Above you can see a screenshot of the email that supposedly came from PayPal. I have marked three important features for you to help identify the message as a fake from fraudsters:
The above view comes from the Apple software "Mail", which is installed by default under macOS and in which e-mails and e-mail accounts can be organized. You can also query the address behind a sender name in Thunderbird, Outlook or on the websites of your mail providers (GMX, WEB, Yahoo, etc.). In Mail, this works by hovering over the name with the mouse cursor or clicking on it, and then clicking the arrow that appears to the right of the name. A menu opens that shows the sender address in the first place and in which the useful item "Block contact" can be found (see picture).
The subject "New message" is almost a standard feature for phishing emails or other attempts at fraud by electronic mail. Sometimes the scammers try a little harder, but in this case they don't. For comparison: the email actually sent a few days ago by PayPal with the reference to the new terms and conditions, which will come into force on June 16, 2020, had the subject "Pending changes to the terms and conditions of PayPal". That alone is no guarantee of a real email, but it makes it all the more clear that “New Message” is not a subject that the payment service would choose.
Why do I know that the link leads to a Russian website? Because I placed the mouse cursor over it. If the mouse pointer hovers over the "Continue" link of the mail, the URL behind it is displayed. You don't have to click the link to do this - and neither should you. If the mouse pointer hovers over it, the stickstart (dot) ru page is displayed. I did not include it here as a correctly spelled URL or link so that you would not call it up. Who knows what kind of malware is behind it ...
Whenever a new guideline, a new law or new terms and conditions come into force, fraudsters crawl out of their holes and try to steal data from gullible people. The mails get better and better - errors in the text are less and less common. And if so, then mostly comma errors that are seldom noticed. Often times, pressure is also built up. You should act quickly and enter the data without errors, otherwise the account will be blocked, and so on. A corresponding email made the rounds in January: PayPal e-mail on "Directive 2015/2366 (PSD2)" is phishing! - This message could be exposed as a fake at first glance, but there were still enough clues for a second and third glance. Check it out ;)
Jens has been running the blog since 2012. He appears as Sir Apfelot for his readers and helps them with problems of a technical nature. In his free time he drives electric unicycles, takes photos (preferably with his iPhone, of course), climbs around in the Hessian mountains or hikes with the family. His articles deal with Apple products, news from the world of drones or solutions for current bugs.