Outline:
‘Order Confirmation’ email purporting to be from eBay claims that you have purchased an Apple iPhone for $365.
Brief Analysis:
The email is not from eBay. It is a phishing scam designed to steal your PayPal account login details. The ‘Cancel Order’ button in the email opens a fraudulent website designed to look like the PayPal home page. If you log in via this fake PayPal site, criminals can steal your login details and hijack your PayPal account.
Detailed Analysis:
According to this email, which purports to be an order notification from eBay, you have purchased an Apple iPhone 5 for $365. The email includes a table of information about the supposed purchase and notes that the order was processed by PayPal. The email also features a ‘Cancel Order’ button.
However, the email is not from eBay. It is a phishing scam. The criminals who sent the email are banking on the fact that at least a few recipients will be panicked into clicking the ‘Cancel Order’ button in the mistaken belief that their account has been compromised and used to make fraudulent transactions.
One might expect that clicking the button would take you to eBay. But it instead takes you to a fake website that has been designed to emulate the genuine PayPal home page. Victims may think that, since the order was supposedly processed via PayPal, they will need to access their PayPal account to cancel. So, once on the fake PayPal site, they may proceed to log in with their PayPal email address and password. After they log in, the fake page will simply refresh. But the login credentials that they entered will be collected by scammers, who can subsequently use them to hijack the PayPal account.
The ‘cancel payment’ ruse is one that scammers commonly use. Similar tactics are used to distribute malware. Be wary of any order confirmation or receipt email that lists purchases that you know nothing about. If you receive such an email, do not click any links or open any attachments that it contains. Instead, check your account by entering the company’s address into your browser’s address bar and logging in. Or access your account via a trusted app. Any unexpected transactions or account issues should be revealed once you have logged in.
Last updated: March 15, 2016
First published: March 15, 2016
By Brett M. Christensen