PayPal’s struggle with online doppelgangers

A police investigation has been launched for an online scam where several scammers posed as online payment facilitator PayPal.According to The Straits Times, these scammers sent fake emails to various e-commerce sites such as STClassified, eBay and GumTree pretending that payments had been made for fake transactions. The goods were then shipped to an overseas address. According to the article, at least 27 cases are being investigated, amounting up to a loss of SG$33,000.When reached by Marketing, a PayPal spokesperson was unable to clarify how many of such cases had occurred. However she added that PayPal regularly scans for unusual activity in its system to detect and stop fraudulent transactions before it affects users.“We adopt multi-factor authentication where users are authenticated using hundreds of independent factors including IP addresses, devices, transaction and behavior patterns and network information to evaluate every transaction,” she said.She added that PayPal also has buyer and seller protection policies to safeguard users from fraud and unauthorised transactions and it works “very closely” with law enforcement and industry organisations dedicated to fighting spoof and identity theft.Meanwhile, PayPal has also added several guidelines for users to verify that transactional emails are genuine.Here are its guidelines:·         Emails from PayPal will always address you by your first and last names or by your business name. We never say things like "Dear user" or "Hello PayPal member."·         Our emails don’t link directly to pages that ask you to enter sensitive information like your bank account, credit card, and I.D. card. Customers who receive what looks like a fake PayPal email, or have come across a spoof PayPal website, should report it to us by forwarding the original email or URL to spoof@paypal.com <mailto:spoof@paypal.com>·         Should you receive emails about transactions made with PayPal, always confirm if a payment has been received or made by logging into your PayPal accounts and checking their account balance.·         Don’t click on links in an e-mail (instead, type the address directly into your browser)·         Don’t provide personal or financial information in response to an e-mail·         Be extremely cautious about attachments in e-mails, especially if you haven’t positively identified the sender and you weren’t expecting an e-mailPayPal’s struggles only highlight companies’ challenge in establishing authenticity and trust when it comes to the digital realm.For example, earlier this year, LinkedIn launched a lawsuit against scammers for creating thousands of fake profiles in order to scrape data off existing users.