Phishing Example: PayPal - We need your help

March 22, 2016

What makes this a Phishing message?

The email address of the sender is not from PayPal (Access@up.com).
The grammar in the message is very poor, which is always a strong indicator of a fraudulent message.
The "Update your information" button goes to a nefarious website (treebeard.mschosting.com).

Original Message:

Subject: Your account has been Iimited untiI we hear from you
From: Customer service <Acces@up.com>
Date: 3/22/2016 4:14 PM
To: xxxx@berkeley.edu

Return to The Phish Tank or Phishing Examples Archive

Topics

Phishing topic page

Warning: The links and email addresses included in these messages are from real-life examples, do not attempt to explore them.

The most dangerous links have been removed - you can hover your cursor over these links to see the original address in a pop-up techtip (instead of in the corner of the browser window).

Report suspected phishing emails to consult@berkeley.edu. Be sure to include the entire text of the message, including the email header.