I got the following message in email today. The "phishing" detector in my brain went off immediately, but on further inspection it appears that this message really did come from Paypal.
This message seems non-phishy due to the following aspects:
- My full name is used, not something derived from my email address
- There are no links to click on (i.e. "click here to visit the Resolutions Center")
- The message headers (below) indicate no evidence of forgery
- The IP address it was sent from matches the SPF record at paypal.com
Paypal is in the unenviable position of having to fight with all the phishers when they really do want to email a notification to their customers. It appears that this is the best they can do, and of course the phishers will imitate this style of message as closely as possible, which makes Paypal's original message look like junk mail. It's an uphill battle for them.
Now I'm curious about what they've done with my account.
Update: I logged on to Paypal and they appear to only have expired my password. No other outstanding issues were to be found in their "Resolution Center" after logging on. I've found that Paypal seems to expire my password frequently (once every month or two), and asks that I supply a new, different password plus configure two new security questions. Perhaps I've been getting a message like this every time they expire my password but this is the first time I noticed it wasn't a phishing message.
I just checked my mail and one second after receiving confirmation of changing my password and security questions, I also got:
Thanks Paypal. Hardly a pleasure doing business with you.