This morning my email spam filter failed.

In my inbox, I got this email saying my PayPal account had been blocked! (you don’t have to read it all, scroll down to see why I know it’s not real)…

… looks scary right!? My PayPal account has been locked because of 1 or more bad things which may have happened. I better Confirm Now, right!???….

But, well, what, wait a second, there are a few things here which are not quite right (highlighted in red), I will go through each point below to explain why it is not correct and how you can spot similar things if you get a similar email (claiming to be from any company).

What’s wrong with this email?

  • Starting at the top, the “From” field does not say   [email protected], this is very easy to fake so even if it did say PayPal.com I wouldn’t trust it right away
  • “To” field does not have my name in it, AND I don’t have a PayPal account with that email address
  • It’s not addressed to me by name, looking back at other emails from PayPal (real ones) they always use my full name in the actual email
  • Would PayPal pick customers “randomly”?
  • There is a lack of punctuation at the end of the second sentence, and it doesn’t read very well*
  • “Possible Events” – do PayPal not know what happened to your account??
  • The bullet points and next sentence don’t read well*
  • The button is called “Confirm Now” but the text says “Authenticate Now”
  • THE MAIN ONE: When you hover over the button (never click it) the website address you go to is not PayPal.com (See red highlighted area at the end of the email). Even if it said paypal.com it might not be true, because for example  SecurityCheck.PayPal.com.techinnercircle.co.uk/AccountUpdate is actually on techinnercircle.co.uk (and no I haven’t set anything up on that address 😉 )

Just to be clear this email is not from PayPal and I get 100s of these types of email (claiming to be from all sorts of companies) a week (across my different email addresses). Generally 1 or more of the telltale signs listed above will help you spot the fakes from the real ones.

If you are unsure

Go to the company website yourself (not clicking the links in the email) and log in as you would normally – chances are everything will work fine, if not then as you log in the company will ask for any extra details as you go.

In this case I would type  https://www.paypal.com  into my web browser and not click any links in any email, even if I think it is a real one.

Stay Safe
Mike 🙂
*As regular readers of my Journal Posts will know my spelling and punctuation is hit and miss at best so again not a strong indicator…