sonnymax Posted November 7, 2010 Report Share Posted November 7, 2010 Howdy fellow O-men! I've appreciated other members giving us the heads-up on Internet scams, so I thought I'd share this one with you. I've received fake emails purportedly from PayPal in the past trying to get me to log in to my account for one reason or another. Usually, the tip-off is when the email begins "Dear PayPal Customer". This morning, however, I got one that had my correct name in the greeting. Here's what followed: Notification of Limited Account Access As part of our security measures, we regularly screen activity in the PayPal system. We recently contacted you after noticing an issue on your account.We requested information from you for the following reason: We recently received a report of unauthorized credit card use associated with this account. As a precaution, we have limited access to your PayPal account in order to protect against future unauthorized transactions. Case ID Number: PP-830-173-720 In accordance with PayPal's User Agreement, your account access will remain limited until the issue has been resolved. Unfortunately, if access to your account remains limited for an extended period of time, it may result in further limitations or eventual account closure. We encourage you to follow our verification procedure as soon as possible to help avoid this. Click here to login and restore your account access Once you log in, you will be provided with steps to restore your account access. We appreciate your understanding as we work to ensure account safety. This is a final reminder to log in to PayPal as soon as possible. We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience. Sincerely, PayPal Account Review Department PayPal Email ID PP-830-173-720 DO NOT CLICK ON THE LINK to restore your account access! It's a phishing scam that brings you to a fake website masquerading as PayPal, where you will be directed to enter your username and passord. Once they've got there hands on that info, you're toast. Again, I can usually spot these scams immediately, but their use of my name and the professional look of the email (logo, correct font, security warnings along the right margin, etc.) almost made me pull the trigger. Instead, I right-clicked on the body of the email to "View Page Source" and saw that it wasn't from Paypal. Hope you find this info helpful. I'd hate to see anybody scammed like this. Right now I'm going to email the ambassador of Nigeria, a personal friend of mine, and tell him all about it. Quote Link to comment Share on other sites More sharing options...
Dan Gould Posted November 7, 2010 Report Share Posted November 7, 2010 Obviously they got a native-English speaker to write the email so you have to give them credit for avoiding the grammatical errors. But isn't it Paypal's policy to never send a log-in link and always advise you to type in the URL into a new browser window? So regardless of font or anything else that makes it look "real," any link in a Paypal message is proof that its a phishing scam. Quote Link to comment Share on other sites More sharing options...
Free For All Posted November 7, 2010 Report Share Posted November 7, 2010 I got this one too- I never use the provided log-in link on these things. I logged onto my account and saw there were no problems or unauthorized charges, then I emailed Paypal and they confirmed that this was a phishing email. Pretty clever one I must say. I tend to be fairly paranoid about "business" emails I receive, and it usually pays off. Quote Link to comment Share on other sites More sharing options...
Dave James Posted November 7, 2010 Report Share Posted November 7, 2010 Click here to login and restore your account access Any time you see something like this or words to the same effect, you can bet it's a scam. Quote Link to comment Share on other sites More sharing options...
Swinging Swede Posted November 7, 2010 Report Share Posted November 7, 2010 Yes, when it concerns sensitive login information, the rule is to always log in yourself and not through a link in an e-mail that you can't know the source of. And as sonnymax said, you can right-click and view the source to see what the real URL is. It doesn't have to be the same as the text that is showing. To give a harmless example, the link below does not take you to Paypal, but to Amazon. It could have been something much worse. http://www.paypal.com Quote Link to comment Share on other sites More sharing options...
Brownian Motion Posted November 7, 2010 Report Share Posted November 7, 2010 I believe certain ebay sellers sell the names and email addresses of their customers to scammers, and that's how the scammers can personalize their scam emails. Quote Link to comment Share on other sites More sharing options...
Tim McG Posted November 8, 2010 Report Share Posted November 8, 2010 (edited) This should surprise no one. PayPal is a toilet. E-Bay is the slimeball Meg Whittman's playground. Trust this site at your own peril. Edited November 8, 2010 by GoodSpeak Quote Link to comment Share on other sites More sharing options...
RDK Posted November 8, 2010 Report Share Posted November 8, 2010 Interesting phishing scam as it closely mimics Paypal's legit practices when they suspect fraud. I recently had a fraudulent charge and before I even realized it Paypal "limited" my account until I could get back to them and verify certain information. When I talked to them, the Paypal rep explained that their system flagged the activity as suspicious; an investigation is ongoing. I'm so far very pleased with Paypal's response and follow up to the situation. Which I'm no doubt certain will disappoint Goodspeak. Quote Link to comment Share on other sites More sharing options...
Jazzmoose Posted November 8, 2010 Report Share Posted November 8, 2010 This should surprise no one. PayPal is a toilet. E-Bay is the slimeball Meg Whittman's playground. Trust this site at your own peril. So your theory is that eBay and PayPal are phishing their own customers? Quote Link to comment Share on other sites More sharing options...
Claude Posted November 8, 2010 Report Share Posted November 8, 2010 Thank for the warning, but these sorts of emails have been around for a couple of years already. If you know how phishing (and emails in general) works, it's easy to avoid the risk. Quote Link to comment Share on other sites More sharing options...
Son-of-a-Weizen Posted November 8, 2010 Report Share Posted November 8, 2010 This should surprise no one. PayPal is a toilet. E-Bay is the slimeball Meg Whittman's playground. Trust this site at your own peril. So your theory is that eBay and PayPal are phishing their own customers? Quote Link to comment Share on other sites More sharing options...
John L Posted November 8, 2010 Report Share Posted November 8, 2010 This specific phishing is not new. I received this exact email about 6 years ago. Quote Link to comment Share on other sites More sharing options...
Tom 1960 Posted November 8, 2010 Report Share Posted November 8, 2010 If there's any doubt about the email's authenticity, it's not a bad idea to call Paypal directly and save yourself alot of grief. Quote Link to comment Share on other sites More sharing options...
mellowT Posted November 8, 2010 Report Share Posted November 8, 2010 Yes, when it concerns sensitive login information, the rule is to always log in yourself and not through a link in an e-mail that you can't know the source of. And as sonnymax said, you can right-click and view the source to see what the real URL is. It doesn't have to be the same as the text that is showing. To give a harmless example, the link below does not take you to Paypal, but to Amazon. It could have been something much worse. http://www.paypal.com True enough, but for checking URLs an easier approach is to simply hover your mouse over the link. You'll either see a tooltip popup showing what address it will go to or you'll see the address in the status bar at the bottom of the browser or email window. If the address doesn't match exactly what's printed, or if it's not going where I expect, I move on. Quote Link to comment Share on other sites More sharing options...
Claude Posted November 8, 2010 Report Share Posted November 8, 2010 (edited) Whenever you visit the Paypal page through a link (at a store, Ebay, etc), check the address displayed in your browser address bar before entering your login data, to make sure you are on https://www.paypal.com , and not some fake page (which could have an cleverly made address to mistake the user, like http://paypal.com:account@phishingsite.net In this case, phishingsite. net is the domain, not paypal.com Edited November 8, 2010 by Claude Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.