Fraudsters sometimes use real logos so be extra careful!

A phishing scheme known as “PayPai” may be hitting your inbox right now. Ever notice how an upper-case letter “i” and a lower-case letter “L” look identical in certain fonts? The bad guys hope you don’t. Fraudsters are exploiting this visual trick to fool innocent people with fake PayPal emails that look real. These emails can be so convincing that they almost fooled me!

Unlike regular spam email, the consequences of clicking on a PayPai link can cost you time, money and privacy. Let’s review the phishing tactics used by these clever cybercriminals and some easy tips about how to spot a counterfeit email.


Phishing Explained

If you’ve never heard of phishing, or if you need a quick refresher course, the term refers to malicious emails sent by con artists to obtain your private information. The emails usually resemble official messages from legitimate companies like eBay, Amazon, online banks and, most notably, PayPal. They include links to professional-looking replica websites that ask for your passwords and use software to hack into your PC.

By phishing, cybercriminals can steal personal information such as passwords and bank account information. Sometimes, phishing websites also infect your computer with viruses or spyware.


Don’t Let PayPai Reel You In With Homographs

As phishing goes, PayPai is extra sneaky. The swindlers behind this devious scheme rely on something called a homograph. A homograph is a letter, number or symbol that looks identical to another, different character.

Can you tell the difference right away?  Click to enlarge and see!

As we explained earlier, a capital letter “i” can be almost indistinguishable from a lower-case letter “L” in certain fonts such as san serif (tailless). San serif also happens to be the default font used in the popular email clients like Gmail and browsers like Firefox.

I recently received a PayPai phishing email that stated my account was “limited,” and it sounded very official. It said:

“Your bank let us know that you didn’t authorize some recent money transfers between your PayPaI and bank accounts … We want to make sure that no one has logged into your account without your permission.”

The email I received included a link to the PayPai hoax site. I didn’t click the link, but I’m pretty sure it would’ve asked for my real PayPal login and password, or possibly installed some spyware. Thankfully, I was able to spot something fishy in the sender’s email address. A real message from PayPal would come from an email address like [email protected], but the PayPai email originated from an address at I thought that sounded pretty darn suspicious!

That’s a trait commonly used by phishing emails. The message is often a false warning that your account has been compromised, and the writing can be polite and full of concern. The PayPai perpetrators and other “phishers” mimic the language used by the real companies. Sometimes they also steal the company’s real logo, too.


Click and enlarge to see all the red flags we pointed out.

Get Them Before They Get You

One of the easiest ways to spot a phishing attempt is to look at the URL that loads in your browser. Do you see “https” in front of the website’s address? The “s” at the end means that the website is more secure. For an online store, online banking service or other official websites that require your personal data, the “s” should be there. Be careful if it’s just “http”.

Another red flag can be the website address itself. Is it simple, like, or are there additional words, symbols and numbers? Phishing websites often include extra phrases and characters that don’t make any sense. Watch out for web addresses such as [email protected] or [email protected]@21.3442.1″. Foreign addresses can also tip you off. If you live in the United States, you shouldn’t be getting emails from eBay’s Hong Kong division.


More Safety Tips

#1. A good way to protect yourself from phishing is to enable the spam filters on your email account. You should also make sure that your computer has anti-virus software and a firewall that’s up-to-date.

#2. For added safety, increase the security settings in Safari, Firefox, Google Chrome and Internet Explorer – and you can even change the browser’s default font to Times New Roman, Courier New or Tahoma, which should make all PayPai’s capital “i” stick out like a sore thumb.

Phishing lets hackers steal your passwords and other sensitive personal data.

#3. Remember that legit websites like PayPal and eBay will NEVER send you email attachments. They won’t ask for your personal data or financial info in an email, either. These sites will ask you to login first and in some cases, they will request answers to your personal security questions (i.e., “What was the name of your first pet?”)

#5. If you’re not greeted by name, there’s a good chance it’s a fraud. The PayPai message didn’t greet me at all, but phishing emails will frequently begin with vague salutations like “Hello Member” or “Dear User.” Bear in mind that even if it includes your name, it could still be fraud. But the absence of a personalized greeting is a distinct warning sign.

#6. When in doubt, just don’t click any links in an email. Instead, quit your browser, open it again and type the website address yourself in a brand new window. So if you do supposedly have a “limited account” in PayPal, don’t click the link in the email – go to PayPal directly by typing If there’s actually something wrong with your account, you’ll be notified about it on the site directly after you log in.

It’s also a very good idea to familiarize yourself with privacy policies of websites like PayPal, eBay, Amazon and online banking sites. Almost any legit professional website you can join will have a Help section that describes the company’s email policy. You can find out when and why they might contact you, what kind of user info they might request via email and – most importantly – what they will never send you or request over email.

Sites like PayPal and eBay also offer their own specialized tips and warning signs about fraud. These companies encourage you to contact their customer service and report any phishing, hacking attempts or other forms of cyber crime associated with their name. You should also submit a report to Scambook.

So if you get a “PayPal” email that seems irregular or unexpected, check that “l” before you open any links! Don’t lose money, time or sanity over a san serif homograph.

PayPai is Fraud with a capital F.


See Also

What The PayPal Policy Update Means To You: Take Action By Dec 1st
4 Tips That Explain How To Avoid Phishing Scams and Email Spam
New Phishing Fraud: Unclaimed Property Email Scam Targets Missouri

Article Sources, “New Twist on PayPaL Phishing is from PayPaI (with an i)”.
ZDNet, “PayPal alert! Beware the ‘PaypaI’ scam”., “Recognizing spoof (fake) eBay websites”., “How can I protect myself from PayPal fraud or scams?”
Image Sources:,
My PayPal Here, is here

3 Responses

  1. Cheryl

    Any phishing emails you receive should also be forwarded to [email protected]. You can also forward suspicious-looking eBay emials to [email protected]. Their techies track these emails and every one that gets forwarded to them can help shut the scammers down.

  2. lynn

    put an add on my local buy, sell, trade website asking if anyone had a certain pet for sale. Last night got a response to the ad telling me if I was interested, they had what I needed. Since they live on the other side of the country they would gladly ship animal to me if I paid shipping cost. Only 200 dollars. Seriously what a load of crap.

  3. Harry Tzoumas

    Craigslist warns not to sell to out of towners, anyone offering more than list is 100% fraud, always open a new browser and check your PayPal account DO NOT click on the scammer’s Link.


Leave a Reply

Your email address will not be published.