PayPal Spam: How to Detect Phishing Mails

There are many PayPal fake emails in circulation. A change in the terms and conditions is often mentioned here in order to obtain your data. This practical tip shows you how to recognize real emails and how you should react when you receive a fake email.

PayPal: Warning and spam - recognize real mail

Fraudulent phishing emails with the subject "Account Status" are currently being sent, the sender of which is allegedly PayPal.

• The mail contains a script as an attachment, which you should execute in order to be able to use the new, improved PayPal security mechanisms. Never open the attachment. The email does not come from PayPal. The attachment is therefore potentially dangerous.
• The mail can be recognized as a forgery, particularly by the sender " ".
• The text is also bumpy and written in poor German.
• It is best to delete the mail immediately and never click on the attachment.

How to recognize fake mails

Not every PayPal fake email can be recognized as spam at first glance. You can use the following points to determine whether a suspicious PayPal email is fake:

1. Real emails come from the domain "@ paypal.de", not " ".
2. The PayPal logo is no guarantee of the authenticity of the mail.
3. PayPal knows your first and last name and will always address you with them. Hardly any spam mail sender knows your name.
4. PayPal will never ask you to provide passwords or personal information via email. Such requests expose the fake mail.
5. As a rule, the German PayPal team speaks the German language. Many phishing emails reveal themselves through mistakes in spelling and grammar.
6. PayPal never sends attachments. Documents sent are a sure sign of a fake mail.
7. Such attachments are likely malware. Trojans in particular are difficult to detect and remove.
8. Check in the browser whether the links from the email actually lead to paypal.com. If in doubt, do not click on a link, but enter the Internet address yourself.
9. In many fake PayPal emails, links lead to dangerous pharming sites.
10. Learn how to recognize spam mails in our practical tip.

Is the PayPal email real?

Unfortunately, PayPal does not make it easy for you to distinguish real from fake mail.

• Not only fake emails, but also real PayPal emails sometimes use a suspicious sender address.
• The PayPal links also sometimes redirect to the tracking redirect "//epl.paypal-communication.com", which looks very suspicious and can hardly be distinguished from phishing links.
• The PayPal logo is also no guarantee for an authentic PayPal email. The logo can also be misused for illegal purposes by simply searching for images.
• To make matters worse, PayPal sends HTML emails. With an outdated browser, even real mails will be displayed incorrectly.
• According to PayPal, the mail shown is not an official email from PayPal.

Update: "PayPal informs: New terms and conditions"

• In January 2016, a new email appeared: An email with the notice that PayPal's terms and conditions are changing.
• The mail links to the real terms and conditions page of PayPal. Otherwise there is no evidence that the mail is a scam.
• There are no spelling and grammatical errors, direct requests to click links or change passwords, as is common with phishing emails.
• Conclusion: This mail is real. However, if you are unsure, you should always go directly to the PayPal website and not click on any links in emails.

The correct behavior for phishing and fake emails

You should do the following if you are unsure about the authenticity of a possible PayPal email or have recognized a fake email:

1. If you are unsure about a mail, you can call customer service free of charge at "0800 723 4500". Just have your customer service PIN ready.
2. You can find out how to create a customer service PIN in just a few steps in the PayPal Help Center.
3. Always forward suspicious mails to " ". In the past, you first received an acknowledgment of receipt of the forwarding and usually a reply on the same day. Probably due to overload, you have often not received an acknowledgment of receipt recently and sometimes have to wait many days for an answer.
4. This contains a binding statement as to whether the mail was genuine or not. Attention: The response email first contains general information on security and contact details for customer service. The actual statement follows at the end of the mail and can easily be overlooked.
5. On this occasion, PayPal will also check your account for suspicious activity.
6. Unfortunately, sometimes you do not receive a response email from PayPal. In this case, you can report suspicious emails directly via your PayPal account. In the picture gallery we describe how it works.

$config[ads_text5] not found

Exclusive CHIP special: Pay safely with your mobile phone & PC

Find out in our extensive special on 45 pages how secure PayPal really is, how well you are protected with online banking and what financial apps are good for.

• In this e-paper, the CHIP editors explain everything about the safe transfer of money on the Internet. Plus: money away! Who is liable?
• Simply go to the CHIP kiosk and immediately download the special as a PDF for 5.49 euros

In further CHIP practical tips you will learn how PayPal works and how secure PayPal is. If you suspect that you have caught a virus or trojan, then let the experts in the CHIP forum help you.

Latest videos

Log in to PayPal as usual. In the area on the right is the menu item "Write to us". Click on this to report alleged phishing emails.

$config[ads_text6] not found

Now select the menu item "Security and login data" and then the category "Suspicious emails".

Here you can now summarize all details about the supposed phishing mail. Of course, the senders, linked pages and whether the mail addressed you by name are particularly interesting. The easiest: Copy the complete mail and paste it here.