Jump to content

Recommended Posts

Posted

Sorry mods...I really don't know where to put this post...

I recently receieved an email allegedly from Paypal indicating that a few security routines were being conducted on my account to confirm my identity. The email requested that I provide my bank account information and my PIN. After looking at the URL, I realized the browser session was not secure so I looked at the URL again. The URL was "www.paypal-billing.net" not www.paypal.com and used all the PayPal logos. I got very suspicious and reported it to PayPal.

Here's PayPal's reponse! BEWARE GUYS!!! I almost fell for it.

Dear Kevin Lam,

Thank you for contacting PayPal.

Thank you for bringing this suspicious email to our attention. We can

confirm that the email you received; was not sent to you by PayPal. The

website linked to this email is not a registered URL authorized or used

by PayPal. We are currently investigating this incident fully. Please do

not enter any personal or financial information into this website.

If you have surrendered any personal or financial information to this

fraudulent website, you should immediately log into your PayPal Account

and change your password and secret question and answer information. Any

compromised financial information should be reported to the appropriate

parties.

If you notice any unauthorized activity associated with your PayPal

transaction history, please immediately report this to PayPal by

following

the instructions below:

1. Go to https://www.paypal.com/

2. Click on the Security Center at the bottom of the page

3. Click on "Report a Problem"

4. Select the Topic: Report Fraud

5: Select the Subtopic: Unauthorized use of my PayPal Account, and

click

Continue.

6. Follow the instructions to access the appropriate form

If you have any further questions, please feel free to contact us

again.

Sincerely,

PayPal Account Review Department

PayPal, an eBay Company

Original Message Follows:

-------------------------

Form Message

customer subject: Valid PayPal site?

customer message: The web address (URL) of the site you are reporting:

'http://www.paypal-billing.net/'

Message: 'Here is the email send to me

PayPal Verification System!

Dear PayPal Member

We are currently performing regular maintenance of our security

measures.

Your account has been randomly selected for this maintenance, and you

will

now be taken through a series of identity verification pages.

To complete the verification process as a PayPal Member you must

provide us with a debit card issued by you primary bank. Don't worry, your

debit card will not be charged! Protecting the security of your PayPal

account is our primary concern, and we apologize for any inconvenience this may

cause.

You must click the link below and enter your infromations on the

following page to confirm your identity.

>

>Click here to complete the verification process

>

>Thank you for using PayPal! The PayPal Team

>

>

>Please do not reply to this e-mail. Mail sent to this address cannot

be

answered. For assistance, log in to your PayPal account and choose the

"Help" link in the footer of any pa'

Posted

Thanks Kevin.

I am sure all of us will keep a look out.

I know that alot of us here on MW use Paypal for purchases abroad.

Posted

I got that same email and made the same observation... That was months ago though. I would have thought PayPal would have done something about it by now.

Posted
I got that same email and made the same observation... That was months ago though. I would have thought PayPal would have done something about it by now.

No doubt, I heard of this a long time ago. Hell, the web police shouldve taken care of it.

Thanks though Kev.

Posted (edited)

This sort of thing is becoming more and more common. AOL has had a lot of trouble with this sort of thing where people were sent fake billing failure notices, and were prompted to enter CC information and such, and lots of folks fell for it because - well, let's face it - AOL's userbase is primarily comprised of Internet newbies (no offense to anyone here).

One of these morons recently got caught sending one of these to an FBI agent:

http://www.securityfocus.com/news/7329

LOL! Hope they like prison food.

There was another recent article (I forget where I saw it) that actually interviewed some college kid that scammed tens of thousands by doing this - sending out fake emails posing as paypal, aol, ebay, etc.

I manage a large-ish (25000 user) corporate email system, and I see this kind of trash all the time. You have to be carefuil out there, people. Never believe anything you receive in emails - if ever in doubt, always check the mail headers to be sure it's coming from who it's supposed to be coming from (i.e., if it's coming from a dsl line in China, odds are it isn't legit).

Edit in:

Glad to hear you weren't taken for a very long ride, Kevin. These kinds of things are notoriously hard to track down. You might want to forward that mail (with mail headers included) to 'uce@ftc.gov'. The FTC investigates and pursues this kind of thing as interstate fraud, and you could just help them keep this scumbag from doing any more harm.

Edited by Batou
Posted (edited)

Here's a site that has the lowdown with the AOL/E-Bay/PayPal scams on what's going on, as far as is known: http://www.snopes.com/inboxer/scams/paypal.asp

Edited by Pat Payne
Posted (edited)

I wish I was able to find one of these guys, if I was I'd print out a hundred of their bogus email and make 'em shove it up their you know what!!! Effin' bastards!!! :angry:

Edited by >EXO<
Posted

Thanks for the look out. I like to use Paypal for my Valk. Exchange purchases and eBay. I definitely don't want some scammers getting my info. I can imagine the huge headache it must be to clear this kind of thing up if you get hit by this type of fraud.

Posted

Let's all visit the site and enter bogus information on it! Invite all your friends and forum members elsewhere and generate so much traffic that it will be shut down! ;)

Posted

Paypal has sent e-mails out warning about this kind of fraud before.

Just like one should never give credit card info to someone asking for it over the phone (if you are not making a purchase or reservation), NEVER respond to these kind of e-mails asking for you to input banking and other personal information!

Posted

I don't use pay pal (yet) but this empasises rule number 1 about fraud.

If an "authorized source" requests your pin and bank number (or credit card etc...), something they should already have on file, report the incident, immediately.

I've known about these scams for quite a bit of time. They've been mentioned on a fairly regular basis on www.snopes.com, along with the rest of the urban legends.

Still, good thing you didn't fall for it, and good thing you're letting us know.

Posted
along the same lines a very legit looking eBay email going around asking for account names and passwords.

There's another one that claims your credit card on file at eBay is expiring and they ask you to "update your credit card info".

PayPal is pretty notorious at doing nothing regarding these scams, their attitude has basically been "our customers are sophisticated enough to tell when it's a fraud" instead of sending people warnings whenever a new scam appears. Check out this site for the lowdown:

PayPalSucks.com

Posted

I've gotten a couple of bogus e-mails regarding my E-Bay and my PayPal account. You can always tell who the frauds are because PAYPAL AND E-BAY HAVE NEVER ASKED FOR BANK ACCOUNT PIN NUMBERS. Having worked for the fraud unit at my bank for the last three years, I can honestly say that I have never seen a legitimate internet business like E-Bay or Paypal ever need bank account information except for account numbers and sometimes ABA routing numbers.

Posted

Gotten a few of those.... if you want to report them, just forward the entire message (do not alter or add to it at all) to these addresses:

spoof@ebay.com

spoof@paypal.com

think those are right... I've sent both a number of spoof emails....

Posted
This sort of thing is becoming more and more common. AOL has had a lot of trouble with this sort of thing where people were sent fake billing failure notices, and were prompted to enter CC information and such...

It's a good thing I don't pay my bills....

Posted

Sometimes they'll try to make the URL look like paypal.com by putting an @ between paypal.com and the real URL. So if you only read the first part of it, it looks like PayPal.com. In webmail, you can put the mouse over it and see the address. I don't know about Outlook.

Click here to login

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...