I received an email purporting to come from the security office of Paypal. The email claimed to be offering extra protection to Paypal’s online customers but when I checked its source it had been sent from Australia. The email was worded: “I am sorry to bring to your attention that some of our Paypal servers became susceptible to the Heartbleed bug. However, our IT engineers have worked tirelessly to curtail the attack and bring it under control. Unfortunately, some accounts were affected, as they were insecure, and your account has been identified as one of them. Earlier this year a major new security bug, dubbed Heartbleed, suddenly appeared with severe implications for the entire Web. This bug can scrape a server’s memory where sensitive information is stored, including passwords, user-names, and credit card details.”
The scam email is so convincing that anyone with no experience of email scams could easily think it was genuine.
Having claimed that my Paypal account had become insecure, I was asked to log into my Paypal account and follow the guidelines, and in return I would be given greater protection. This would have given the fraudsters my password, address, and other private financial details.
I became suspicious when I realised the bogus email had not arrived on the address I use for Paypal, otherwise I would probably have fallen for it. Be very wary about what links you check on in emails as there are so many scams circulating at the moment.
Chair of Newbury and Thatcham Neighbourhood Watch