Have you ever logged into your inbox to find that PayPal has emailed you? There are 3 possible outcomes of this occurrence; first is that it is indeed your PayPal, but they will never ask you to confirm any personal details via email. Second, is you click the link, believe the email that states that your PayPal needs some personal information from you. The third is that you phone your PayPal and the confirm that the email is false. Had you been unfortunate and chosen the second option, you could find yourself falling victim to fraud, as the email in question will is a “phishing” email.
Phishing emails are sent to unsuspecting members of the public and are an attempt to obtain information like username, passwords, credit and debit card details. Use PayPal no credit card details!! Read more here… These emails will include a link to a site that will be more or less identical to your banks real page. This is of course to deceive you into thinking that the email is legitimate and fool you into supplying the emails they require. Recently, a brand new system named DMARC – Domain-based Message Authentication, Reporting & Conformance – has been created by various companies wishing to reduce the amounts of these phishing emails by cracking down on the deployment of these emails as well as reporting them to authentication protocols. Basically – they want procedures in pace to make it far easier for the everyone to determine whether an email is a phishing attack. The big names standing behind the DMARC are companies like Google, Facebook and PayPal.
Google’s Gmail product manager, Adam Dawes, stated: “We’ve been active in the leadership of the DMARC group for almost two years, and now that Gmail and several other large mail senders and providers — namely Facebook, LinkedIn, and PayPal — are actively using the DMARC specification, the road is paved for more members of the email ecosystem to start getting a handle on phishing.”
PayPal are one of the companies who’s massively popular and extremely well-established name is being used to try to trick people into divulging information that could see them having substantial amounts of money removed from their accounts, so naturally they are keen to back the work of the DMARC, and they hope to see a time when there is a fool-proof system in place to block any email that fails to pass authentication.