A rather convincing paypal email scam

[Krusty]

Just got an email that nearly got me to give away my paypal information. The email appeared to come from [email protected]. Here's what it said:

Dear PayPal user,

We recently reviewed your account, and suspect that your PayPal account may
have been accessed by an unauthorized third party. Protecting the security
of your account and of the PayPal network is our primary concern.
Therefore, as a prevention measure, we have temporarely limited access to
sensitive PayPal account features.
Please click on the link below to confirm your information:


https://www.paypal.com/fraudcheck/secure/bill.html?sl=070304



For more information about how to protect your account, please visit
PayPal's Security Center, accessible via the "Security Center" link located
at the bottom of each page of the PayPal website.



We apologize for any inconvenience this may cause, and appreciate your
assistance in helping us maintain the integrity of the entire PayPal
system. Thank you for your prompt attention to this matter.

Sincerely,
The PayPal Team


Please do not reply to this e-mail. Mail sent to this address cannot be
answered. For assistance, log in to your PayPal account and choose the
"Help" link in the header of any page.

The URL apparently links to a paypal web site, the email was well written, and the web site it links to appears legit. Just to be safe, I decided to open a new browser and log into my paypal account to see what I may find there. Here's a little quotage from what I found:

Safe Log In: To log in to your PayPal account or access the PayPal website, open a new web browser (e.g., Internet Explorer or Netscape) and type in the following: https://www.paypal.com/


Greeting: Emails from PayPal will address you by your first and last name or the business name associated with your PayPal account. Fraudulent emails often include the salutation "Dear PayPal User" or "Dear PayPal Member".

Just thought I'd give you a heads up.

EDIT: upon closer inspection, I checked the hyperlink in the email and it doesn't actually send you to paypal.com even though, once you clicked on it, it says it's paypal.com in the toolbar

EDIT2: Wow, this is one good scam. Upon further inspection of the site it linked to, the entire internet explorer window was spoofed so that it can put the fake URL in the toolbar. Very impressive stuff there.

 

[Alice]

That's amazing! I have no other words for it. Thanks for the tip.

 

[CrashOveride]

Nice tip, and nice mean scam.

 

[Sophisticated]

the link is not found?????????????

 

[nut581]

I also got this exact same one like last week. The URL pointed to an IP address (http://20X.XXX.XXX.XX/xxxxx.php or something like that). I opened it up just for fun in firefox, and it wouldn't even load .. hahaha.

but for safety, I decided to open another window and change my paypal password.

I can't believe just how many scam artists are targetting paypal these days .. and is there any of these artists ever caught???

 

[Krusty]

If they were, I doubt there'd be so many scams going around.

 

[Malpine Walis]

That dreck has been floating around for a while now. Just tonight I got this one:

Dear eBay member

We recently noticed one or more attempts to log in to your eBay account from a
foreign IP address and we have reasons to belive that your account was hijacked
by a third party without your authorization.

If you recently accessed your account while traveling,the unusual log in attempts
may have been initiated by you.
However,if you are the rightfull holder of the account, click on the link below,
fill the form and then submit as we try to verify your identity.

http://xxxxxxxxxxxxxxxxxxx

If you choose to ignore our request,you leave us no choise but to temporaly suspend
your account.

We ask that you allow at least 72 hours for the case to be investigated and we
strongly recommend not to make any changes to your account in that time.

*Please do not respond to this e-mail as your reply will not be received.

Thanks for your patience as we work together to protect your account.

Regards,

Safeharbor Department
eBay Inc.

Of course the link that I am supposed to click is done with html to look like a legitimate link but when I click it it opens a page that looks like ebay but the url has an ip number in it that after doing a whois turns out to be in Australia. -- Right.

Of course I should not make any changes to my account for 72 hours. God forbid that I realize what I just fell for (NOT!) and go to ebay to change my password. Then they would not be able to bid on whatever they are going to rip me off for. -- Right.

Also, I am reasonably sure that whoever send out email from ebay uses a spell checker. Whoever sent that to me got believe, rightful, choice and temporarily wrong. -- Right.

 

[baltoos]

Just a little reminder:

Anyone getting any of these fraudulent Emails should:

1. NOT enter ANY personal information requested.
2. REPORT the fraudulent Email to [email protected] or PayPal.
3. DELETE the fraudulent Email immediately.
   [/list=1]
   
   Be Careful! It's a Jungle Out There!
   -Dave

 

[Hughhefner]

Just got this one yesterday, a security alert with a link to www.payallpal.com


Watch out another nasty one that asks for ALL YOUR INFO!!!

I filled it out with the usually GUSTO with lots of swear words and such.

 

[tom10167]

I think the fact that they can't spell "temporarily" properly blows their cover pretty easily.

*sigh*

Just wondering though, how do they make it say www.paypal.com in the browser even though it really isn't? That's DAMN good coding.

 

[Krusty]

they used one of them browser windows that doesn't have a taskbar on the top of it. You know, you generally see annoying popups that don't have all your cool browser stuff on the top.

so they took that window, then made the web site page mimic the paypal web site complete with a taskbar on the top displaying paypal.com on it.

 

[Xenocide]

my dad fell for this one accouple months back, had to get all new credit card and paypal account