firstname.lastname@example.org this case. I almost decided to delete this message as the tens of others similar sort of scam-fraud-etc. stuff, but after looking on the message text I got a thought that it could be a wrong decision. Let’s see, why I was thinking that way.
All we know (if you don’t, please read the text below and remember) that PayPal always:
– sends its emails from the domain
– sends them directly to your primary email registered at PayPal;
– starts email message from your full name;
– does not ask to input login information in any form;
– does not mask links in the message with URLs different from the URLs shown at the text.
I show the full screenshot of discussed email message below for your reference (click on it to look the picture in the original size).
So first quick checking shows that this email is the most probably real request for the feedback survey organized some company on the side of PayPal. After that I made more thorough analysis. Please look on the results:
- Yes, as I mentioned at very begin this email came not from the
paypal.comdomain, so -3.
- But I got this email message to my primary email address, registered at PayPal. This is the positive point: +1.
- Email message was started from my full name: +1.
- Moreover, it contains the valid date “June 24, 2014”, when I really contact PayPal support to resolve one problem: +1.
- The message does not contain any request to login to PayPal account or send login information to somewhere: +1.
- All links included to the message point to the same URL as one shown to the reader of this meesage: +1.
- The message references the “Medallia” company as the PayPal partner in this surway, and email was sent really from “Medallia” servers:
Received: from inap221.mx.medallia.com (inap221.mx.medallia.com [126.96.36.199]): +1.
- Looking whois service, like one at this link you may find confirmation that this message is legal:
paypal-customerfeedback.comis not new, it was registered about 2 years ago (08/28/2012).
2211 North First Street
San Jose, CA 95131
– the server IP Address which is 188.8.131.52. Paypal-Customerfeedback.com resides at Medallia in Palo Alto, CA, United States. Pay attention that the 1st three parts of IP address here is the same as mail server IP-address from which I got the email message.
- It almost enough to trust this link and start offered survey. But we have one more point to be more sure. When I open
paypal-customerfeedback.comlink I see that site uses SSL sertificate issued by PayPal:
This is the original PayPal page from
This is the
As you can see, both sites use SSL certificate belongs to PayPal. Browser confirms it:
More positive point to our score: +3.
Let’s count the total: -3 + 1 + 1 + 1 + 3 + 3= +6.
Thus, I decided to go through this survey. Let’s go together through 11 steps.
Conclusion: It is real survey organized by Medallia company on the side of PayPal. All steps of the survey goes through SSL encrypted connection at the same
paypal-customerfeedback.com, no redirections, no maliciouse outbound links. Thus, we can trust to email messages with feedback survey requests from the