Jump to content
When you buy through links on our site, we may earn an affiliate commission.
  • Current Donation Goals

Paypal Scam Warning


Polynomial

Recommended Posts

This is probabably familiar to many people, but if not, be on guard! There seem to be quite a few fake log-in sites and if you put your details there, kiss your paypal account (and money) good bye, here is an example of a spam I recieved today:

----------------------------------------------------------------------------------------------------------------------------

As part of our security measures, we regularly screen activity in the PayPal

system. We recently contacted you after noticing an issue on your account.We

requested information from you for the following reason:

We have reason to believe that your account was accessed by a third party.

Because protecting the security of your account is our primary concern, we have

limited access to sensitive PayPal account features. We understand that this may

be an inconvenience but please understand that this temporary limitation is for

your protection.

Case ID Number: PP-102-084-644

This is a reminder to log in to PayPal as soon as possible.

In accordance with PayPal's User Agreement, your account access will remain

limited until the issue has been resolved. Unfortunately, if access to your

account remains limited for an extended period of time, it may result in further

limitations or eventual account closure. We encourage you to log in to your

PayPal account as soon as possible to help avoid this.

To securely confirm your PayPal information please click on the link bellow:

"https://www.paypal.com/cgi-bin/webscr?cmd=_login-run"

We thank you for your prompt attention to this matter. Please understand that

this is a security measure intended to help protect you and your account. We

apologize for any inconvenience.

Sincerely,

PayPal Account Review Department

PayPal Email ID PP638

---------------------------------------------------------------------------------------------------------------------------

Now, note there is no address ("Dear that and that") and disclaimer on the bottom, which is the firt giveaway, but also if you check the actual link between the apparently legitimate log-on site, you will find this is actually:

http://rds.yahoo.com/_ylt=A0geutDdFX5EDvwA...login/index.htm

which redirects you to the fake log-on site:

http://correo.fininternacional.com/Intrane...login/index.htm

I have given this to paypal, and they will close this site down (hopefully soon). I often hear people's paypal accounts get taken over etc. well, they might not have realised that at some point they logged onto fake site like that.

Edited by Polynomial
Link to comment
Share on other sites

Thanks for the advice, Poly. Always good to have a reminder about this kind of activities.

Link to comment
Share on other sites

There's a general rule for paypal scams. It's very easy to follow, too.

Paypal will never, ever send you a mail asking you to login to do something. Ever. No matter how realistic, it's not from paypal.

Even if they actually do send a mail asking you to change your password or free up your locked this that or the other, ignore it, they'll understand. :thumbsupsmileyanim:

Link to comment
Share on other sites

There's a general rule for paypal scams. It's very easy to follow, too.

Paypal will never, ever send you a mail asking you to login to do something. Ever. No matter how realistic, it's not from paypal.

Even if they actually do send a mail asking you to change your password or free up your locked this that or the other, ignore it, they'll understand. :thumbsupsmileyanim:

Not entirely so; when you first open the account for instance you got the log-on link, confirmation of transanctions have the link, and https://www.paypal.com/cgi-bin/webscr?cmd=_login-run is actually legit link, but this is not where you would end up by clicking on it.

Few other conmen favourites are disputed transactions and complaints; these also have links like this, and if you think of it you will figure out, but if you are new to paypal or just not carefult, ups. The disputed transaction fraud targets most common purchases from eBay, the message would say somebody complained against you and requested refund, these can be very well presented, they even use real templates, and fake originating e-mail, only thing is, it re-directs you to a fake website (looks good, but not all buttons are working

Edited by Polynomial
Link to comment
Share on other sites

he disputed transaction fraud targets most common purchases from eBay, the message would say somebody complained against you and requested refund, these can be very well presented, they even use real templates, and fake originating e-mail, only thing is, it re-directs you to a fake website (looks good, but not all buttons are working

Absolutely, but I specified Paypal, not eBay. :D

eBay scams are a little trickier, but can be easily avoided by doing everything through a bookmark to "My Ebay" instead of clicking mails.

Never, ever click a link to paypal or ebay in an email, unless it's the first confirmation mail.

Link to comment
Share on other sites

Absolutely, but I specified Paypal, not eBay. :D

eBay purchases would most often be handled via paypal, which belongs to eBay since 2002, what I meant here based bit on clever scamming. What these scammers do is check what is most frequent item(s) bougth on eBay, or make a good guess if stats are not available, make a list of say 10 such items. Say a Harley Davidson belt buckle (might be off but this one they used actually), then they send disputed item e-mail for HD buckle to several million random e-mails, so what is the chance they will target somobody who just bougth this sort of item and is currently tracking this DHL package (ya know, the waiting impatience), then this e-mail pops, and before reading it carefully, the guy innocently logs on, upsss. Probability? Share of paypal acconts in the sample of targetted e-mails times the share of paypal users ordering HD buckles...you can work out the math, do some more resarch and will figure out knowing what is often traded on eBay does have utility for scamming purposes

Edited by Polynomial
Link to comment
Share on other sites

Use ebay toolbar

http://pages.ebay.com/ebay_toolbar/

ebay toolbar will check if the site you are visitng is legit..

Warns you when you're on a potential spoof Web site.

Account Guard has a Site Indicator on the eBay Toolbar that changes the color of the Account Guard button that indicates whether you're on a verified site or a potential spoof Web site. The Site Indicator turns:

  • Green if you are on a verified eBay or PayPal Web site.
  • Red if you are on a potential spoof Web site.
  • Gray if you are visiting an unidentified Web site.

John

Link to comment
Share on other sites

official paypal notices never contain a link to its site. With a real paypal notice, you have no choice but to log in manually by typing the paypal address. This is a fact, so if you get a paypal email with a link to login, then it is most certainly a SCAM.

Link to comment
Share on other sites

Wow . . . if I had a nickel for every scam email I've gotten and sent to PP or the bay . . .

I'd have about 15¢ !

A day . . .

Probably sent a couple hundred, seriously, to the two. First, they all come in to a generic addy I use, so I know right away. Also if you mouse over their links and look at the address bar, you can tell right away. Plus, like what's been mentioned before, neither will EVER send you an official email from them with a login link on it.

If you get a scam letter from "either" forward it as inline text with full headers. You'll get two auto-replies from both. The first will thank you, say they are looking in to it, and have a bunch of stuff about their policies about their official emails. The second will thank you again, tell you they checked it out and it's NOT from them, they are pursuing the matter and are contacting the ISP to shut the link down, and some more stuff about phishing scams. Strange you didn't get a reply though. I've gotten the first before I've even finished checking my "Trash Bin" for misplaced emails in that Yahoo account.

B

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...
Please Sign In or Sign Up