I recently received an email that was ‘from’ Paypal, thanking me for my generosity. As far as I recalled, I hadn’t made a Paypal donation recently, if ever.  I wondered if someone had used my login information and made a donation. Then I examined the email more closely. I had received fake Paypal emails before, and they were pretty easy to detect. Hovering over the links embedded in those emails revealed URL’s that had nothing to do with Paypal.

This email said “Your gift is greatly appreciated.”, “It’s people like you that make all the difference.”, “Thanks for choosing to make your donation with PayPal – the faster, easier and safer way to support your favorite causes.”, “Thanks for being awesome. For your generosity, we want to share a little something with you. Shop deals”.

The links in this email all started with: “https://email-edg.paypal.com/r/…”.  Phishing emails in the past had not used my full name. Things weren’t adding up.

I forwarded the email to spoof@paypal.com. 

Next I logged in to my account via a ‘Private’ (or ‘Incognito’) window. I wanted to check my Notification settings since at the bottom of this email it said my account was set to receive “News and Promotions”. My notification setting choices are: Developer Updates, Surveys, Newsletters and Service Updates, Paypal Marketing, and Updates When Account Info is Changed. So, no ‘News and Promotions’ option. ‘Newsletter and Service Update’ was checked so I unchecked it.

I also checked my account activity for the past 90 days — no donations.

I will consider this email a phishing email until proven otherwise. Let’s see if I hear back from Paypal.