Paypal Email Scam

[webtwink]

Hello Guys.

I think most of you folks may have recieved. Well this is the first time that i recieved about "unauthorized usage" of my paypal account. The thing is I almost was about to give out my details. Until i took a closer inspection and saw that the URL it was pointing to was . I am posting here just to let you k now.

Thanks

Dear user,

We recently reviewed your account, and suspect that your PayPal account may have been accessed by an unauthorized third party. Protecting the security of your account and of the PayPal network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive PayPal account features.

To restore your account access, please take the following steps to ensure that your account has not been compromised:

1. Login to your PayPal account.

2. Confirm your identity by completing the account verification process.

3. Review your recent account history for any unauthorized payments sent or received, and check your account profile to make sure not changes have been made. If any unauthorized activity has taken place on your account, report this to PayPal immediately.

To get started, please click the link below:

https://www[dot]paypal[dot]com/cgi-bin/webscr?cmd=_verification-run

For more information about how to protect your account, please visit PayPal's Security Center, accessible via the "Security Center" link located at the bottom of each page of the PayPal website.

We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire PayPal system. Thank you for your prompt attention to this matter.



Sincerely,

The PayPal Team

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the header of any page.

This was the below address it was pointing to:

69[dot]133[dot]1[dot]18/www [dot] paypal [dot] com/SecurityMeasures/

 

[cyberpacific]

Thank you to share the info.

 

[Mr Webname]

Paypal never address "Dear Paypal User", "Dear User" etc.

 

[Biggie]

the paypal team////does not represent Paypal.

 

[namedropper]

God, I get about 10 of these a week. I'm amazed someone could be online and only got their first one in 2005.

 

[Theo]

That IP belongs to RoadRunner's IP block - complain to [email protected]

Refer to cpe-069-133-001-018.cinci.rr.com [69.133.1.18]

 

[mark]

send them all to [email protected] no matter how many you receive. they indidcated in a prior email to me that (paypal/ebay) are referring them to authorities for criminal and civil prosecution etc

 

[Jarmusch]

I got one similar, but it had a much cleverly disguised url link. Like this:

https://www.paypal.com/fraudcheck/secure/bill.html?sl=070304

But it is really pointing to:

http://www.paypal.com%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%[email protected]/sp.html

This doesn't work well in this forum. In a web page you don't see all the "%20%20%20" in the status bar. You only see http://www.paypal.com The rest is hidden to the right of the status bar.

 

[Mr.Domains]

I get the same thing all the time from eBay, "we have suspended you account due to suspicion of falsifying contact details, please click here to correct your contact details immediately", with a bogus link.

The first time I got it I actaully fell for it, and the next thing I knew there was a 42" Plasma Screen being sold from my account!

 

[Vivvy]

I get at least a dozen of the paypal phishers a day, and similar scams from what looks like every bank in the western hemisphere.

I am still stunned that anyone would give out personal, password or credit card information in an email. Haven't you heard? NO reputable company will ask for this information in an email.

Vivvy

 

[webtwink]

Actually this is the first time i got ever from paypal about my account being misused. I guess I am one of the lucky ones!

 

[Mr.Domains]

I am still stunned that anyone would give out personal, password or credit card information in an email.

They don't ask you to do that, it would be far too obvious. What they do is tell you to login and update your details, but the link they provide is to a dummy site. Then once they have your login details, they can get the personal details themselves.

 

[Anthony Ng]

I as a rule NEVER just click on any link from an e-mail (even legitimate ones) but copy and paste AND take a closer look at the URL (yes, sometimes VERY looooong) before actually clicking it from the browser.

 

[Domagon]

Copy and paste for say a verification email one was immediately expecting should be safe, but copying and pasting links in phish spam is asking for trouble - spotting a bogus link can be very difficult, especially if one is tired and/or in a rush; IDNs could add a whole new dimension to spoofing ... even a seasoned user could easily be deceived.

In a nutshell, an Ebay user should always type in the domain ebay.com and then navigate themselves from there; sadly, even this method isn't 100% full-proof if the user's hosts file has been modified and/or other changes made to their computer without their knowledge - ie. keylogging.

Commerce on the net, while very convenient, comes with extreme risks - it's remarkable that number of folks scammed isn't higher ... luck, and importantly, education is likely why.

Ron