Fraudulent PayPal Emails
I received an email yesterday morning that has me scratching my head for a minute. After reading what appeared to be a security concern from PayPal, I decided to log in to my account from my bookmark instead of clicking on the link provided. I figured, if it was a serious issue, there would be note of it in my account after I log in. What do you know… no mention of it! That’s when I started digging around in the security section. Right at the top, there’s a couple very prominent boxes, one being ‘Protect yourself from fraudulent emails’. So I did just what they asked and reported the ‘spoof’ email. Here’s the fake email…
——– Original Message ——–
Subject: PayPal Security Measure
Date: Fri, 04 Feb 2005 12:40:39 +0100
From: service@paypal.com
Reply-To: service@paypal.com
To: Matt BrettDear PayPal Member,
PayPal is committed to maintaining a safe environment for its community of buyers and sellers. To protect the security of your account, PayPal employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the PayPal system for unusual activity.
Recently, our Account Review Team identified some unusual activity in your account. In accordance with PayPal’s User Agreement and to ensure that your account has not been compromised, access to your account was flagged.
Your account will remain flagged until this issue has been resolved. This is a fraud prevention measure meant to ensure that your account is not compromised.
In order to secure your account and quickly restore full access, we may require some specific information from you for the following eason:
Our system requires further account verification.
Case ID Number: PP-056-245-481
We encourage you to log in and restore full access as soon as possible.Should your account remain flagged for an extended period of time, it may result in further limitations on the use of your account or
may result in eventual account closure.———————————————————————-
Please click on the link below to log in
and restore full access to your account.
https://www.paypal.com/cgi-bin/webscr?cmd=_login-run
———————————————————————-Thank you for your prompt attention to this matter. Please understand that this is a security measure meant to help protect you and your account.
We apologize for any inconvenience.
Sincerely,
PayPal Account Review DepartmentPayPal Email ID PP562
Pretty convincing, isn’t it? The fact that it didn’t really say what the problem was, is why I was suspcious. Here’s the responce I got from PayPal after forwarding the email to their security department…
Dear Matt Brett,
Thank you for contacting PayPal.
Thank you for bringing this suspicious email to our attention. We can confirm that the email you received was not sent to you by PayPal.
The website linked to this email is not a registered URL authorized or used by PayPal. We are currently investigating this incident fully. Please do not enter any personal or financial information into this website.
If you have surrendered any personal or financial information to this fraudulent website, you should immediately log into your PayPal Account and change your password and secret question and answer information. Any compromised financial information should be reported to the appropriate parties.
If you notice any unauthorized activity associated with your PayPal transaction history, please immediately report this to PayPal by
following the instructions below:1. Log in to your account at https://www.paypal.com/ by entering your email address and password into the Member Log In box
2. Click on the Security Center at the bottom of the page
3. Click on ‘Report a Problem’
4. Select the Topic: Report Fraud
5. Select the Subtopic: Unauthorized use of my PayPal Account
6. Enter your question in the ‘Summarize your question in one sentence’ box
7. Click Continue
8. Follow the instructions to access the appropriate form
If you have any further questions, please feel free to contact us again.
Sincerely,
PayPal Account Review Department
I’ve actually seen a couple variants of this email – not sure if it’s from the same source. But keep an eye out and don’t be suckered by this crap.
Bastards!