Once again, this is a general reminder to carefully check the emails you get from supposedly legitimate sources. In this instance, Gmail quickly flagged the email as suspicious before it got to me, but in the case that it doesn’t or you use a different provider be sure to investigate the sender and NEVER click on links in emails.
This particular email wasn’t very crafty. Except through its use of an alarming subject line: “We apologize temporary your account will be limited”
You can see that the domain name from the sender is addmin-suport.info. Disregarding the fact that it’s not coming from paypal.com the suspiciously misspelled name is an obvious indication of something fishy. Add on to that the email is sent via sendgrid.me. When doing a google search one of the auto-complete results is “sendgrid.me scam”. It appears that it is a platform for sending large quantities of emails, which could be a service phishers might try to utilize to spread their lures. Be very careful when deciding on whether or not to open an email. It could result in a virus or having your credentials stolen along with your identity.
Verify senders and when possible, visit the site by on your own without clicking the link.
Without proper security, email addresses can be spoofed, however in this particular message the sender could not spoof the address. Instead he/she/it made the sender’s name PayPal in the hopes of fooling users. If you want to check out the sender information yourself in gmail you can click the more down arrow and select “show original”. This will show the email headers as well as urls completely exposed.
Furthermore and more importantly, the URL to paypal does not link back to PayPal. Instead it links to paipals . com which is designed to steal your credentials.
We see how phishing emails designed to steal credentials are getting more crafty, attempting to trick users into logging in to a fake PayPal page with alluring messages. Be aware.