There is spam, and then there is really bad spam. This one is an example of the bad kind.
Subject: PayPal Security Measures!
Dear PayPal Member,
Your account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your Paypal account and to ensure a safe PayPal experience.
We require all flagged accounts to verify their information on file with us. To verify your information at this time, please visit our secure server webform by clicking the hyperlink below:
Click here to verify your Information.
I must admit that this got me worried because I happen to have a PayPal account. And the mail is very believable and straightforward. Thank God for Gmail, which flagged this spam with this red alert:
Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information.
True enough. Although the spammer pretended to be from PayPal (PayPal Security Center, supposedly), he used a generic email address (firstname.lastname@example.org), which is different from the usual PayPal notification sender (@paypal.com).
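The mismatch described above, a display name that claims PayPal on an address outside paypal.com, can be checked mechanically. The sketch below is an added example, not part of the original post and not Gmail's actual logic; the brand table, function names and sample headers are assumptions constructed for illustration.

```python
import re
from email.utils import parseaddr

# Assumption: brands to watch and the domains they legitimately send from.
BRAND_DOMAINS = {"paypal": {"paypal.com"}}

def domain_matches(domain, allowed):
    """True if domain equals an allowed domain or is a subdomain of one."""
    domain = domain.lower().rstrip(".")
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_from_header(from_header):
    """Return (brand, sender_domain) pairs where the display name claims a
    brand but the address is not on one of that brand's domains."""
    display_name, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower() if "@" in address else ""
    # Collapse spacing and punctuation so "Pay-Pal" or "Pay Pal" still matches.
    normalized = re.sub(r"[^a-z0-9]", "", display_name.lower())
    findings = []
    for brand, allowed in BRAND_DOMAINS.items():
        if brand in normalized and not domain_matches(domain, allowed):
            findings.append((brand, domain))
    return findings

if __name__ == "__main__":
    # Constructed sample headers; the first mirrors the message in this post.
    samples = [
        "PayPal Security Center <firstname.lastname@example.org>",
        "PayPal <service@mail.paypal.com>",
        # Lookalike: brand domain used as a prefix of an unrelated domain.
        "PayPal Support <alerts@paypal.com.example.net>",
        "Jane Doe <jane@example.org>",
    ]
    for header in samples:
        result = check_from_header(header)
        verdict = "SUSPICIOUS" if result else "ok"
        print(f"{verdict:10} {header} {result}")
```

The From header is only what the sender chose to write, so this check catches lazy impersonation like the message here; it says nothing about a message that forges an @paypal.com address.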
Now, why is this really bad spam? Because it threatens our finances. Imagine if you were sucked into it and gave out your PayPal information. You can kiss your PayPal money goodbye.
Well played, spammer, well played. May you burn in hell for the people you’ve fooled.