is this email really from paypal?

Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
I don't think it is. but this one is difficult to tell for sure. they knew my name, but that means nothing. if I hover the cursor over the "click here to view in your browser", you see the long ugly URL at the bottom which also does not look like paypal to me? thoughts?

paypal2.png
 
Last edited:

chscag

Well-known member
Staff member
Admin
Joined
Jan 23, 2008
Messages
65,248
Reaction score
1,833
Points
113
Location
Keller, Texas
Your Mac's Specs
2017 27" iMac, 10.5" iPad Pro, iPhone 8, iPhone 11, iPhone 12 Mini, Numerous iPods, Monterey
As far as I know, it's genuine. I received the same notice from PayPal a while ago. You can check it out by accessing your PayPal account and look for messages that are there for you to read. My bank also sends similar messages which I can always check by going to their site and entering my account.
 

Raz0rEdge

Well-known member
Staff member
Moderator
Joined
Jul 17, 2009
Messages
15,745
Reaction score
2,071
Points
113
Location
MA
Your Mac's Specs
2022 Mac Studio M1 Max, 2023 M2 MBA
Valid FROM address. Hover or the 2 links in the email (DO NOT CLICK) and if they point to paypal.com as the start of the domain with no spelling mistakes or issues, then it's legit. Generally when I get these sorts of emails from services where I have an account, I just login manually and check any alert/messages/inbox or whatever they have available to read the messages.

If you don't have an Paypal account, then that's a different story.
 
OP
macgig
Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
not seeing any messages in my paypal account that were sent to me.

the 2 URL’s I see that look suspicious to me are:

mail.paypal.com
epl.paypal-communication.com

I forwarded it to [email protected]. I'll find out what they say whenever they reply. If I had no paypal account I would not care and would not be asking. :)

the links point to

epl.paypal-communication.com/ (lots of long characters after this (see photo). looks suspicious to me.
 

Raz0rEdge

Well-known member
Staff member
Moderator
Joined
Jul 17, 2009
Messages
15,745
Reaction score
2,071
Points
113
Location
MA
Your Mac's Specs
2022 Mac Studio M1 Max, 2023 M2 MBA
Looks legit to me. The long characters are required to differentiate you from others the email was sent to.
 
OP
macgig
Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
thanks for the fast help. :)
 
Joined
Aug 2, 2011
Messages
2,014
Reaction score
184
Points
63
Location
Tyneside, UK
Your Mac's Specs
MBP Retina mid 2015 15.4" 16GB 2.5 GHz OS Monterey; iPhone 12 128gb; iPad Mini 5, 64gb
Never had that one but there was a phishing attempt yesterday supposedly from paypal. Knew I'd made no such transaction and reported it. You have to be so alert.

Screen Shot 2018-10-03 at 13.36.54.png

Screen Shot 2018-10-03 at 13.36.23.png
 
Joined
May 21, 2012
Messages
10,703
Reaction score
1,158
Points
113
Location
Rhode Island
Your Mac's Specs
M1 Mac Studio, 11" iPad Pro 3rdGen, iPhone 13 ProMax, Watch S7, 2018 15" MBP, AirPods Pro
I always check the senders email address. And, of course, never click on a link in an email.
 
OP
macgig
Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
sent it to paypal. they say its legit. why is it not from paypal.com?

epl.paypal-communication.com

is not the same as paypal.com, that is why I was suspicious.
 
Joined
Jan 1, 2014
Messages
629
Reaction score
52
Points
28
Your Mac's Specs
MacBookPro 13 v11.1, i5 2.4 GHz, 256 GBs SSD, 8 GBs DDRs
sent it to paypal. they say its legit. why is it not from paypal.com?

epl.paypal-communication.com

is not the same as paypal.com, that is why I was suspicious.

PayPal, like other larger companies hires MarkMonitor for brand protection. When they do, the registrar for the domain in question changes to MarkMonitor. For example, even for paypal.com the registrar is MarkMonitor, but the contact information is for PayPal:

whois paypal.jpg

The same goes for the epl.paypal-communication.com DNS name as well.

You really need to dig in to it to determine who is who. The traditional "If it did not come from paypal.com, then it's spoffed email" no longer applicable in most cases. Hackers are probably happy about this change...
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top