First of all do NOT proceed with any request that
it makes, do NOT enter any information and do NOT click on any link in
the spoof email.
Now that we've identified the email as a spoof, what should we do?
Whilst most people would probably just delete it,
it is important to remember that the only way to end the scam is
to report it to those who it pretends to be from. Reports should also
be made to the relevant authorities (such as the FBI's Internet
Fraud Complaint Centre).
eBay and Paypal have their own department which deals
with hoax email scams, and they take steps to make sure
that any website that the email may point you to is closed down as soon
as is possible. So, its imperative that they receive a copy of the hoax
email at your earliest opportunity.
Paypal will require you to send the entire email (by 'forwarding' the
email and do NOT use copy and paste) to firstname.lastname@example.org or spoof@paypal,
and they will respond later with a confirmation as to whether it is a
spoof or not and what they are doing to counteract it.
is also important that we receive a copy of any spoof you have received,
so we can then keep our readers up to date on the latest techniques
employed by the identity thieves. Please
report your email spoofs using our dedicated Spoof
Email and Phishing Scam Report Form
Once you've made the reports and forwarded the spoof,
just delete it.
Next, let's consider what to do if you are too late,
and you've given information in response to the spoof email...