Feed Sign in with OpenID OpenID

Simon Willison’s Weblog

A typical phishing email will have a generic greeting, such as ’Dear User’. Note: All PayPal emails will greet you by your first and last name.

PayPal's Phishing Guide

Posted 22nd September 2007 at 2:33 pm

Tagged , , , ,

3 comments

  1. Spotted this in the footer of one of their e-mails as well:

    How do I know this is not a Spoof email? Spoof or 'phishing' emails tend to have generic greetings such as "Dear PayPal member". Emails from PayPal will always address you by your first and last name. Find out more here.

    Because obviously a phisher could never find out your name.

    Simon Willison - 22nd September 2007 14:34 - #

  2. That text tends to appear in spoof mails too, of course.

    (and for the record, I've never seen a paypal/ebay phishing mail with my real name in it.)

    Fredrik - 22nd September 2007 15:58 - #

  3. Ha :).

    Also, even legitimate PayPal emails still contain the: "View the details of this transaction online at...." link.

    The single biggest step they could take to avoid phishing would be to state that "Our emails will never contain a clickable link, always type www.paypal.com in your browser yourself". Voila, problem largely solved.

    Angus Turnbull - 23rd September 2007 06:00 - #

Sign in with OpenID

Auto-HTML: Line breaks are preserved; URLs will be converted in to links.

Manual XHTML: Enter your own, valid XHTML. Allowed tags are a, p, blockquote, ul, ol, li, dl, dt, dd, em, strong, dfn, code, q, samp, kbd, var, cite, abbr, acronym, sub, sup, br, pre

A django site