If you’re reading this blog post, chances are you already know what a powerful marketing tool email can be. But with great power comes great responsibility (as Ben Parker informed us), and it can become a dangerous tool in the wrong hands.

Email is used as a vehicle to carry a variety of security threats, including a malicious act known as phishing. A prelude to identity theft, phishing generally aims to bank on a financial company’s recognition and the consumer’s trust of that company. PayPal is ripe for black hat shenanigans, which is why it is so puzzling to hear that the online payment service itself is being accused of sending “phishy” emails.

PayPal Putting Its Users at Risk?

Recently, a few email users have reported to receiving suspicious looking messages from PayPal. Among them, author and journalist Woody Leonhard, who published an article on InfoWorld.com detailing the ordeal. According to Leonhard, the eBay-owned internet property sent three messages within the span of a week, each loaded with a number of “hot links” and clever copy urging him to click those links and log in to his account. These links led to “email0.paypal.com” and “email-edg.paypal.com,” both of which are verified URLs associated with PayPal. They nevertheless arouse the discerning user’s suspicion, such messages coming off as sophisticated phishing traps.

Phishing emails are so dangerous because they can be difficult to identify. The best of these malicious messages look as if they were sent from the brand the scammer is purporting to be. They are usually crafted with an urgent tone, which is necessary to make the user believe something is wrong and they must act fast to avoid the consequences. If the user clicks through, they will often find that even the rogue site they land on appears legitimate, leading them to believe that it is okay to proceed with entering their account information. Falling for such a trap could result in anything from being a victim of fraudulent activity to having one’s entire identity stolen.

What makes the PayPal issue so unsettling is that the company is often at the center of phishing scams and actually goes to great length to warn consumers about it. PayPal has an extensive set of resources designed to teach users how to identify this malicious act, protect themselves against it, report it to the proper agencies and much more. No one is certain why it has decided to contradict itself with these phishing-friendly emails, but the fact that more users are coming out to express their concerns is proof of how big a deal this really is.

Phishing Is No Joke

Whether it’s PayPal, your bank or another financial entity you do business with, accessing sensitive accounts from the inbox is not recommended. Instead, go directly to what you know to be the legitimate site and address your concerns from there. The one time you put your faith in what appears to be a trusted sender could be the one time you lose everything.