I got an email from a supposed Paypal requiring me to verify my details.
On the surface it looks pretty decent, a proper header, the use of the trademark signs when necessary, even the hyperlink and the return email address looks pretty legitimate.
The biggest tell tale sign that this is a phishing email is that this is not the primary email address I'm using for my Paypal account.
Then I ran my cursor over the seemingly legitimate hyperlink and look at this,
It appears that the hyperlink would be redirecting me to some other weird website.
So I ran a check on the full message header to check where the email originated from, and take a look at this,
It clearly states that the author of the email is not from Paypal but some other weirdshite organisation.
For pre-emptive measures, I decided also to check with Paypal to doubly make sure that this is phishing even though I'm already 99% sure that it is. So I ran around to check for an email address from Paypal to see if I can check it with them. True enough, Paypal does have a whole range of security measures, and specific departments to handle all sort of phishing complaints. To report phishing emails, just forward the email received to firstname.lastname@example.org simple as that, and that was what I did.
And their response was pretty quick, not that I think it'd take pretty long for them to decide if they did or did not send out verification emails.
But at least it's one less worry off my back.
Usually I don't go to such an extent to report phishings, but Paypal is different because they handle my money, and anything that has a direct relation to me and my money is a pretty serious issue. Over here I'd like to highlight the importance of recognising a phishing email and not fall into the traps of phishing.