Recently our security teams have detected a large-scale phishing and malware campaign that is targeting both Bill Me Later customers and people who have never used Bill Me Later. We advise you to be proactively alert for these malicious emails. It is important to remember that when it comes to malicious phishing and malware emails, you are in control. To protect your information, avoid opening unexpected emails, clicking on links in them, or opening their attachments. Here is more information on phishing and ways to help you detect, avoid and report it.

What is phishing?

Identity Theft
In short, phishing is an attempt to steal your identity. Under false pretenses, cybercriminals try to get you to disclose sensitive personal information, such as credit and debit card numbers, account passwords, or Social Security numbers.

One of the most common phishing scams involves sending an email that fraudulently claims to be from a well-known company. However, it can also be carried out in person, over the phone, and via malicious pop-up windows and "spoof" or fake websites.

How it Works

  1. A criminal sends thousands or even millions of emails to a variety of people, usually at random. These emails appear to be from a well-known company but are designed to lure you into clicking on a link or calling a phone number.
  2. The phishing email contains links or buttons that take you to a fraudulent website.
  3. The fraudulent website mimics the company referenced in the email, and aims to extract your sensitive personal data.
In essence, you think you're giving your information to a trusted company when, in fact, you're giving it to a criminal.


Recognizing Phishing

How to Spot a Fake Email
The "from" field of an email can easily be altered, so it's not a reliable indicator of whether or not an email is a fake. However, there are other telltale signs of a fraudulent email.

  1. Generic Greetings - Be wary of impersonal greetings like "Dear User," or your email address.
  2. Typos/Poor Grammar - Emails sent by well-known companies are almost always free of misspellings and grammatical errors.
  3. False Sense of Urgency - Many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
  4. Fake Links - The text of a link may look real, but the address it actually points to can be different. Check where a link is going before you click by hovering over it: the true destination appears in the browser's status bar or tooltip. Compare that destination with the address shown in the link text and with the site you expect. If they do not match or the destination looks suspicious, don't click. (See also "How to Spot a Fake Website" below.)
  5. Attachments - A real email from Bill Me Later will never include an attachment or software. Because they can contain spyware or viruses, you should never open an attachment unless you are 100% sure it's legitimate.
Spoof websites

How to Spot a Fake Website
Watch out for the following:

  1. Deceptive URLs - Some criminals will place a fake browser address bar over the real one, so it appears you're on a legitimate website. But even if a URL contains the words "Bill Me Later," it may not be a Bill Me Later site.

    Examples of deceptive addresses of the kind used in these scams (these examples use the PayPal name; the same tricks are used with the Bill Me Later name):
    http://signin.paypal.com@10.19.32.4/
    http://83.16.123.18/pp/update.htm?=
    https://www.paypal.com/=cmd_login_access
    www.secure-paypal.com

    Always log in to Bill Me Later by opening a new browser and typing in the following: https://billmelater.com
    The term "https" should precede any Web address (or URL) where you enter personal information. The "s" stands for secure: the connection is encrypted. If you don't see "https," you're not in a secure Web session, and you should not enter data. Note that "https" alone does not prove the site is genuine; criminals can set up "https" spoof sites too, so always check that the address is really billmelater.com.
  2. "Lock" icon in the wrong place - Look for the secure lock icon in the browser's own frame, not inside the page: current browsers show it in the address bar next to the URL, older browsers in the status bar at the bottom of the window. A lock drawn inside the page content is just a picture; if that is the only lock you see, close your browser because you may be on a spoof site.
  3. URLs that contain a typo; for instance, "www.bilmelater.com".
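The hover check from the email section and the deceptive-URL tricks listed above both come down to one question: which host will the browser actually connect to, and does it belong to the domain you expect? The following is an added example, not Bill Me Later's own code, that answers that question for each of the sample addresses on this page. It assumes billmelater.com (the address the page tells you to type) and paypal.com (the name used in the page's sample fake addresses) as the expected domains; the typo and lookalike checks (edit distance and "brand name inside a different registered domain") are this example's own heuristics, and the registered-domain logic is a simplification that ignores the public suffix list.

```python
"""Added example (not Bill Me Later's code): find the real destination host
of a deceptive URL and compare it with the domain you expect."""
import ipaddress
from urllib.parse import urlsplit

# Assumption: the page gives https://billmelater.com as the genuine address;
# its sample fake URLs use paypal.com, so both are treated as expected brands.
LEGIT_DOMAINS = ("billmelater.com", "paypal.com")


def real_host(url):
    """Host a browser would actually connect to for this URL.

    Anything before '@' is userinfo, not part of the host, so
    'http://signin.paypal.com@10.19.32.4/' really goes to 10.19.32.4.
    """
    if "://" not in url:          # bare 'www.example.com' as printed in emails
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower()


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def registrable_domain(host):
    """Last two labels ('www.secure-paypal.com' -> 'secure-paypal.com').
    Simplification: real code should consult the public suffix list (co.uk ...)."""
    if is_ip_literal(host):
        return host
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def levenshtein(a, b):
    """Edit distance, used to catch typos such as 'bilmelater.com'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url):
    """Return (real host, verdict); verdict is 'legit-domain' or why it is suspect."""
    full = url if "://" in url else "http://" + url
    host = real_host(full)
    if "@" in urlsplit(full).netloc:
        return host, "userinfo trick: text before '@' is not the host"
    if is_ip_literal(host):
        return host, "ip-address host"
    domain = registrable_domain(host)
    if domain in LEGIT_DOMAINS:
        return host, "legit-domain"
    for legit in LEGIT_DOMAINS:
        if levenshtein(domain, legit) <= 2:
            return host, f"typosquat of {legit}"
        brand = legit.split(".")[0]
        if brand in domain:
            return host, f"lookalike: contains '{brand}' but registered domain is {domain}"
    return host, "unknown domain"


def link_matches_text(visible_text, href):
    """The hover check: the link's destination must sit in the same registered
    domain as the address the link text shows."""
    return registrable_domain(real_host(visible_text)) == registrable_domain(real_host(href))


# Constructed sample input: the page's example addresses plus the genuine one.
SAMPLE_URLS = [
    "http://signin.paypal.com@10.19.32.4/",
    "http://83.16.123.18/pp/update.htm?=",
    "https://www.paypal.com/=cmd_login_access",
    "www.secure-paypal.com",
    "www.bilmelater.com",
    "https://billmelater.com",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        host, verdict = classify(u)
        print(f"{u:42} host={host:22} {verdict}")
    # A link whose text says billmelater.com but whose href goes elsewhere:
    print(link_matches_text("https://billmelater.com", "http://signin.paypal.com@10.19.32.4/"))
```

Note what the host check cannot do: the third sample address parses to the genuine paypal.com host, so a string check alone reports it as legitimate. A link in an email can display one address and point to another, which is why the hover comparison and the advice to type the address yourself matter more than inspecting the text of a link.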
Legitimate Bill Me Later emails

Types of Bill Me Later emails

Bill Me Later sends notifications that your statement is available, payment confirmations, and similar notices related to your account. Bill Me Later also sends emails with special offers for our customers or announcements about new merchants who accept Bill Me Later.

How to Identify a Legitimate Bill Me Later email

Emails from Bill Me Later that contain links to your account will also include something that identifies you or your account. This may be your first and last name or the last 4 digits of your Bill Me Later account number as it appears on your Billing Statement. Note: Bill Me Later emails with special offers and discounts, or announcements of new merchants, will not always be personalized.

Bill Me Later will never threaten to close or suspend your account if you do not confirm information.

Combating Phishing

How to Combat Online Scams
It's important to remember that when it comes to phishing, you are in control. You can protect your personal information by not providing sensitive information in response to an email, not clicking on suspicious links, and not opening unknown attachments.

How to Report a Phishing Email

  1. Forward the entire email to spoof@billmelater.com.
  2. Do not alter the subject line or forward the message as an attachment.
  3. Delete the suspicious email from your email account.

We'll send you an email response to let you know if the email is indeed fraudulent. In the meantime, don't click on any links or download any attachments within the suspicious email.