Home
Latest
Categories
Top Ten
Main Menu
FAQ
About
Privacy
Subscribe
Contact
- Press – Information for Journalists
Blog

Home
Latest
Categories
Top Ten
Main Menu
FAQ
About
Privacy
Subscribe
Contact
- Press – Information for Journalists
Blog

Home Phishing Scams Fake eBay ‘Order Confirmation’ Email Designed to Steal PayPal Login Details

Fake eBay ‘Order Confirmation’ Email Designed to Steal PayPal Login Details

written by Brett M. Christensen March 15, 2016

Outline:
‘Order Confirmation’ email purporting to be from eBay claims that you have purchased an Apple iPhone for $365.

Brief Analysis:
The email is not from eBay. It is a phishing scam designed to steal your PayPal account login details. The ‘Cancel Order’ button in the email opens a fraudulent website designed to look like the PayPal home page. If you log in via this fake PayPal site, criminals can steal your login details and hijack your PayPal account.

Example:

Detailed Analysis:
According to this email, which purports to be an order notification from eBay, you have purchased an Apple iPhone 5 for $365. The email includes a table of information about the supposed purchase and notes that the order was processed by PayPal. The email also features a ‘Cancel Order’ button.

However, the email is not from eBay. It is a phishing scam. The criminals who sent the email are banking on the fact that at least a few recipients will be panicked into clicking the ‘Cancel Order’ button in the mistaken belief that their account has been compromised and used to make fraudulent transactions.

One might expect that clicking the button would take you to eBay. But it instead takes you to a fake website that has been designed to emulate the genuine PayPal home page. Victims may think that, since the order was supposedly processed via PayPal, they will need to access their PayPal account to cancel. So, once on the fake PayPal site, they may proceed to log in with their PayPal email address and password. After logging in, the fake page will simply refresh. But, the login credentials that you entered will be collected by scammers who can subsequently use them to hijack your PayPal account.

The ‘cancel payment’ ruse is one that scammers commonly use. Similar tactics are used to distribute malware. Be wary of any order confirmation or receipt email that lists purchases that you know nothing about. If you receive such an email, do not click any links or open any attachments that it contains. Instead, check your account by entering the company’s address into your browser’s address bar and logging in. Or access your account via a trusted app. Any unexpected transactions or account issues should be revealed once you have logged in.

Last updated: March 15, 2016
First published: March 15, 2016
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams – Anti-Phishing Information
Phishing Scam – eBay ‘Registration Suspension’ Email
Question About eBay Item Phishing Scam
PayPal ‘You Sent A Payment To Kogan’ Phishing Scam Email

Fake eBay ‘Order Confirmation’ Email Designed to Steal PayPal Login Details was last modified: October 20th, 2016 by Brett M. Christensen

Search

Learn

Hoax-Slayer Knowledge Guides

What Is Facebook Cloning And How Can I Protect Myself From It?

‘No Harm Done?’ Think Again! – 4 Reasons Why Participating In Bogus Facebook Giveaways Is NOT Harmless

Hoax-Slayer is Hosted by Flywheel

Advance Fee (Nigerian) Scam List
Advance Fee Scams
Archive
Ask Hoax-Slayer
Bogus Warnings
Dating Scams
Death Scams and Hoaxes
Facebook Hacker Hoaxes
Facebook Scams
Fake-News
Featured
Health And Wellbeing
Health Hoaxes
Hoaxes
Humour
Legend
Malware
Misleading
Outdated
Phishing Scams
Phone Scams
Politics
Scam Catalogue
Scams
Spam Reports
Special Features
Tech HS
True
Unsubstantiated
Updated Reports
Victim Stories

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Privacy Policy