Today I received an email from Paypal [email protected]. You might as well say, what’s the fuss? The fuss is this email could have been spoofed. The email appeared genuine at first glance, but I can see why if you received this email you would be suspicious that it might be spam or a malicious redirector.
A quick glance at the source (hover over the links) and you should see why there might be a concern – the email had numerous links to: https://email0.paypal.com/servlet/xxx?xxxx (I’ve removed the x characters) – not very user friendly! More importantly, why would you trust a link that has http://email0 as part of the URL?
The above link is actually a genuine redirector to Paypal (https://cms.paypal.com/uk/cgi-bin/?&cmd=_render-content&content_ID=ua/upcoming_policies_full) but closer inspection of the URL and you will notice it also sends data to Responsys (one of three marketing companies) – this company collects the email and IP address and the date and time the recipient (you) opted in.
Yes you do have an option to ‘opt out’ – you’ll need to do this with PayPal directly though. Each PayPal email link (https://email0.paypal.com/servlet/xxx?xxxx ) has a unique ID assigned to each PayPal account. Look at the HTML source in the email to learn more.
Now to your browser: While you are still on: https://cms.paypal.com/uk/cgi-bin/?&cmd=_render-content&content_ID=ua/upcoming_policies_full click on the paypal.com site favicon for an instant identity overview (this is the website logo to the left of the URL location bar). You can then check whether the website page has been verified. Click on ‘More Information’ and make sure you see:
- Web site: cms.paypal.com
- Owner: No ownership information is supplied (only applicable to the link above)
- Verified by: ‘The USERTRUST Network’
You should then click the ‘View Certificate’ button. You should see the PayPal certificate has been verified for an ‘SSL Server Certificate’. If you don’t see any of what is mentioned above then it could mean you have been redirected to a fake PayPal web page. ID Theft Protect suggests you ALWAYS use a sandbox or virtual browser to protect your browsing sessions anyway.