Don’t respond to unsolicited e-mail. Don’t click on links that say “Click here to be removed from this mailing list.” And especially – never, ever put passwords or credit card information into e-mail messages.
I’ve used PayPal once. I got a message this morning. The sender shows as email@example.com. The message is laid out nicely, displays PayPal’s logo and has this text:
Dear PayPal Customer:
PayPal is currently performing regular maintenance of our security measures. Your account has been randomly selected for this maintenance, and placed on Limited Access status. Protecting the security of your PayPal account is our primary concern, and we apologize for any inconvenience this may cause.
To restore your account to its regular status, you must confirm your email address by logging in to your PayPal account using the form below.
Following that text are spaces to fill in name, e-mail address, bank account number, credit card number and expiration date, and a “Log In” button. In small print at the bottom is standard text about mailing lists, links to PayPal customer preference pages, and a copyright notice for PayPal.
It’s a scam. If you put in the information and press Log In, you’ll be taken to a realistic looking page that says, “The PayPal page you’re looking for is down for maintenance. Please try again later.” And your bank account and credit card information will be in the hands of very bad people.
When you look at your e-mail – virus warnings, solicitations, whatever – skepticism is your friend. And when it comes to your money – be careful out there!