Ask Dave Taylor
  • Facebook
  • Instagram
  • Linkedin
  • Pinterest
  • Twitter
  • YouTube
  • Home
  • YouTube Videos
  • Top Categories
  • Subscribe via Email
  • Ask A Question
  • Meet Dave
  • Home
  • Computer & Internet Basics
  • Email Says I Need to Update my PayPal Account?

Email Says I Need to Update my PayPal Account?

March 28, 2018 / Dave Taylor / Computer & Internet Basics, PayPal Help, Spam, Scams & Security / 1 Comment

Help! I got an email from PayPal saying that I need to update my account information, but when I click on the link, it takes me to a completely unrelated site. How can I update things so I don’t lose access?

There are a lot of scammers on the Internet, and not all of them are dorky kids working in the basement, trying to trick you. Some of them are large scale criminal organizations – some even funded by government agencies – seeking to steal your identity or otherwise cause widespread mischief. As a result, so-called “phishing” attacks are getting more and more sophisticated, requiring us online citizens to become smarter and more skeptical both.

Scammers and con men have been around since the dawn of time, but the online world brings a dramatic boost in overall efficiency that makes their jobs considerably easier and now instead of trying to trick the dozen or so people gathered around their wagon in the marketplace, they can reach out to thousands of people from a single device.

All of this is to say that you need to be more skeptical. If you click on a link and go to a site unrelated to the vendor (including when you look at the domain name of the landing page!) you need to ask yourself is this legit? Odds are, it isn’t. Next time, you need to really do your homework before you click on the link because what if it had looked legit? Would you have entered your account and password, trying to log in?

Let’s look more closely at a similar “PayPal” email I received:

paypal phishing scam email

At first glance it looks reasonably legitimate, with the PayPal logo, no obvious typos or misspellings, and a reasonable subject of “Update your account information”. But a closer look can already reveal that it’s bogus: Look at the reply-to address. “servie@hp.com”. Why would PayPal have an email reply-to address within Hewlett-Packard, instead of an @paypal.com address?

But maybe your email program wouldn’t show that item of information. Instead, have a quick peek at the sender email address. In Apple Mail, that’s done by clicking on the tiny down arrow adjacent:

sender email address, paypal phishing

So it not only has an hp.com return address, but it appears to be sent from HP too.

Note: spammers routinely fake origin address, reply to address and similar, so don’t worry that HP has been hacked or that it’s someone at HP doing something criminal.

There’s a much more important link to check before clicking anyway: the URL associated with that big, inviting blue “Resolve” button. Again, in Apple Mail, moving the cursor over a link will show the associated Web page address, and just about every decent email program should have a similar feature. In this case, it’s clearly not going to take you to a PayPal login page:

phishing bogus paypal link

That’s pretty weird, a page called “pp” within “mobile/styles” on the site “watcvm.org”. Quite likely this is a site that a hacker snuck onto to set up the fake PayPal login page, so they’re not part of this either! As soon as you see a mismatch in domain names, you can safely conclude the email is bogus and delete it. Done.

But let’s say you did click. Often, you’ll get to a login page for PayPal or a similar service that’s completely identical to the real page on the actual site. Duplicating a page is quite easy, unfortunately. Log in on the bogus site, though, and they can quickly hijack your real account and drain it of any money you have therein. They would also gain access to your name, address, phone number, and quite a bit more personal information. Not good at all.

This is a rare instance where clicking on the bogus link doesn’t produce a fake login page, but instead just drops you onto the home page of the innocent, hacked site:

world association of traditional chinese veterinary medicine

Completely legit site and clearly no association with PayPal whatsoever. Often a lazy admin on a site like this won’t know they’ve been hacked and are the center of a widespread site attack. Oh, and if you think that having a security certificate and being “Secure” on the address bar means an organization is proof that they’re legit…

SSL certificate detail

Notice that anyone can get an SSL certificate. Again, WATCVM is a real, valid organization but there’s nothing to stop bad guys from setting up a bogus site that seems legit, pay for an SSL certificate, and use that as the basis of their next online scam…

Anyway, the real lesson of this experience is be more skeptical. If you get an email telling you that there’s a crisis of some sort with your banking, social media, or other account, check a few items like who sent it and where it’ll take you before you believe it and proceed. Better yet, never click on links in email. Instead, just go directly to the site and log in as you always do.

Be careful out there!

About the Author: Dave Taylor has been involved with the online world since the early days of the Internet. Author of over 20 technical books, he runs the popular AskDaveTaylor.com tech help site. You can also find his gadget reviews on YouTube and chat with him on Twitter as @DaveTaylor.

Let’s Stay In Touch!

Never miss a single article, review or tutorial here on AskDaveTaylor, sign up for my fun weekly newsletter!
Name: 
Your email address:*
Please enter all required fields
Correct invalid entries
No spam, ever. Promise. Powered by FeedBlitz
Please choose a color:
Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you, Dave, for all your helpful information by buying you a cup of coffee!
bogus email, identity theft, online safety, paypal phishing email, paypal scams, phishing, scam email, spam email

One comment on “Email Says I Need to Update my PayPal Account?”

  1. Nathaniel Gildersleeve says:
    April 5, 2018 at 9:34 am

    I try to avoid clicking on links in emails. If possible, I try to go directly to the site, paypal.com in this case. If I do click on a link in an email, I never fill out a form or give out any personal information. I doubt these practices are foolproof but I think it’s better than nothing.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

Recent Posts

  • How to Check Energy Recommendations on your Windows Laptop
  • How Do I Customize New Tab Windows in Safari for Mac?
  • Can AI-Generated ChatGPT Text Be Accurately Identified?
  • How to Perform a Microsoft Account Security Audit and Checkup
  • How Can I Customize My Linux Dock / Taskbar?

On Our YouTube Channel

How to: Replace a Switchbot Door Sensor Battery

EMEET Luna vs INNOTRIK Studio Bluetooth Speakerphones -- DEMOS & REVIEW

Categories

  • AdSense, AdWords, and PPC Help (106)
  • Amazon, eBay, and Online Shopping Help (163)
  • Android Help (226)
  • Apple iPad Help (147)
  • Apple Watch Help (53)
  • Articles, Tutorials, and Reviews (346)
  • Auto Tech Help (15)
  • Business Advice (200)
  • ChromeOS Help (31)
  • Computer & Internet Basics (778)
  • d) None of the Above (166)
  • Facebook Help (383)
  • Google, Chrome & Gmail Help (188)
  • HTML & Web Page Design (247)
  • Instagram Help (49)
  • iPhone & iOS Help (623)
  • iPod & MP3 Player Help (173)
  • Kindle & Nook Help (99)
  • LinkedIn Help (88)
  • Linux Help (173)
  • Linux Shell Script Programming (89)
  • Mac & MacOS Help (911)
  • Most Popular (16)
  • Outlook & Office 365 Help (33)
  • PayPal Help (68)
  • Pinterest Help (54)
  • Reddit Help (19)
  • SEO & Marketing (82)
  • Spam, Scams & Security (95)
  • Trade Show News & Updates (23)
  • Twitter Help (220)
  • Video Game Tips (66)
  • Web Site Traffic Tips (62)
  • Windows PC Help (947)
  • Wordpress Help (206)
  • Writing and Publishing (72)
  • YouTube Help (47)
  • YouTube Video Reviews (159)
  • Zoom, Skype & Video Chat Help (62)

Archives

Social Connections:

Ask Dave Taylor


Follow Me on Pinterest
Follow me on Twitter
Follow me on LinkedIn
Follow me on Instagram


AskDaveTaylor on Facebook



microsoft insider mvp


This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this site or on any linked site. Further, please note that by submitting a question or comment you're agreeing to our terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site. Our lawyer says "Thanks for your cooperation."
© 2023 by Dave Taylor. "Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.
Privacy Policy - Terms and Conditions - Accessibility Policy