TechWhirl (TECHWR-L) is a resource for technical writing and technical communications professionals of all experience levels and in all industries to share their experiences and acquire information.
For two decades, technical communicators have turned to TechWhirl to ask and answer questions about the always-changing world of technical communications, such as tools, skills, career paths, methodologies, and emerging industries. The TechWhirl Archives and magazine, created for, by and about technical writers, offer a wealth of knowledge to everyone with an interest in any aspect of technical communications.
Just spotted a clever new variant on the old "your Paypal account has
been compromised" phishing trick. Since this kind of cybercrime is
always a slight possibility, it's worth checking. The way I do this is
to copy the "click here" link into Word to see what the real URL is.
Usually, I get something with an eastern European domain name rather
than the actual PayPal URL.
Today's variant does something unusual and thus, much more likely to
deceive: the first link really does take you to PayPal's security
center. Since you can't actually figure out what to do at that site
without a bit of spelunking, it seems perfectly logical to click the
second link in the mail message, which ostensibly takes you directly to
the place where you can update your account details and fix the
Don't do it: the _second_ link is the phishing scam.
The moral: If you ever get this kind of notification, be it from Paypal
or your bank or your credit card company or whatever, go to that
location yourself: manually type the URL in your browser. Don't ever
click on the link in an e-mail, since (as this example shows), the
phishers can be exceptionally clever at tricking us. If you can't
figure out whether there's really a problem, or how to solve it, you
may even have to resort to calling their 800 number--or send them an
e-mail. If there really is a problem, they'll help you fix it. If there
isn't they'll tell you that too.