It is advised that whenever an email message is received that contains a link to a website, it should be treated with suspicion, especially if it seems to have been sent from a financial service such as PayPal or a bank. If the website is visited, users should attempt to verify its legitimacy before any important credentials are input. In this case, users could note that the bit.ly link redirected to a website that is not hosted at the paypal.com domain or reach out to PayPal directly and ask them to verify the legitimacy of the site. It is much safer to go directly to the service’s website using the known and trusted domain name to log in, rather than following a link from an email message. Indications of Compromise: https://bit[.]ly/2SwO61R https://nadhirotultaqwa[.]com/usrah/redirect.php https://www.leemou[.]com/files/selector/ Source: https://www.tripwire.com/state-of-security/security-data-protection/new-paypal-phishing-email-scam-wants-your-social-security-number/