PayPal Spoof
joecheck
Posts: 533
I received two of these emails in 1 1/2 hours...
Dear valued PayPal® member:
It has come to our attention that your PayPal® account information needs to be
updated as part of our continuing commitment to protect your account and to
reduce the instance of fraud on our website. If you could please take 5-10 minutes
out of your online experience and update your personal records you will not run into
any future problems with the online service.
However, failure to update your records will result in account suspension.
Please update your records on or before November 2, 2006.
Once you have updated your account records, your PayPal® session will not be
interrupted and will continue as normal.
To update your PayPal® records click on the following link:
http://www.paypal.com/cgi-bin/webscr?cmd=_login-run
Thank You.
PayPal® UPDATE TEAM
Accounts Management As outlined in our User Agreement, PayPal® will
periodically send you information about site changes and enhancements.
Visit our Privacy Policy and User Agreement if you have any questions.
http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/ua/policy_privacy-outside
Here is PayPals response...
Thank you for contacting PayPal.
We appreciate you bringing this suspicious email to our attention. We
can confirm that the email you received was not sent to you by PayPal.
The website linked to this email is not a registered URL authorized or
used by PayPal. We are currently investigating this incident fully.
Please do not enter any personal or financial information into this
website.
If you have surrendered any personal or financial information to this
fraudulent website, you should immediately log in to your PayPal account
and change your password and security question and answer information.
Any compromised financial information should be reported to the
appropriate parties.
Please forward the entire email - including the header information - or
the site's URL to spoof@paypal.com We investigate every spoof reported.
Please note that the automatic response you receive from us may not
address you by name.
If you notice any unauthorized activity associated with your PayPal
transaction history, please immediately report this to PayPal by
following the instructions below:
1. Log in to your account at htpps://www.paypal.com
2. Click on the Security Center at the bottom of the page.
3. Click on "Unauthorized Transaction" under the "Report a Problem"
column.
4. Enter the Transaction ID for each unauthorized transaction in your
PayPal account. If you do not have any transactions to enter, click
"Continue."
5. Fill out the information and click "Continue."
6. Review the information and click "Submit" to file your claim.
For additional tips, please click on the Security Center link at the
bottom of any PayPal page.
We appreciate your efforts to keep PayPal safe.
Sincerely,
PayPal Account Review Department
Dear valued PayPal® member:
It has come to our attention that your PayPal® account information needs to be
updated as part of our continuing commitment to protect your account and to
reduce the instance of fraud on our website. If you could please take 5-10 minutes
out of your online experience and update your personal records you will not run into
any future problems with the online service.
However, failure to update your records will result in account suspension.
Please update your records on or before November 2, 2006.
Once you have updated your account records, your PayPal® session will not be
interrupted and will continue as normal.
To update your PayPal® records click on the following link:
http://www.paypal.com/cgi-bin/webscr?cmd=_login-run
Thank You.
PayPal® UPDATE TEAM
Accounts Management As outlined in our User Agreement, PayPal® will
periodically send you information about site changes and enhancements.
Visit our Privacy Policy and User Agreement if you have any questions.
http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/ua/policy_privacy-outside
Here is PayPals response...
Thank you for contacting PayPal.
We appreciate you bringing this suspicious email to our attention. We
can confirm that the email you received was not sent to you by PayPal.
The website linked to this email is not a registered URL authorized or
used by PayPal. We are currently investigating this incident fully.
Please do not enter any personal or financial information into this
website.
If you have surrendered any personal or financial information to this
fraudulent website, you should immediately log in to your PayPal account
and change your password and security question and answer information.
Any compromised financial information should be reported to the
appropriate parties.
Please forward the entire email - including the header information - or
the site's URL to spoof@paypal.com We investigate every spoof reported.
Please note that the automatic response you receive from us may not
address you by name.
If you notice any unauthorized activity associated with your PayPal
transaction history, please immediately report this to PayPal by
following the instructions below:
1. Log in to your account at htpps://www.paypal.com
2. Click on the Security Center at the bottom of the page.
3. Click on "Unauthorized Transaction" under the "Report a Problem"
column.
4. Enter the Transaction ID for each unauthorized transaction in your
PayPal account. If you do not have any transactions to enter, click
"Continue."
5. Fill out the information and click "Continue."
6. Review the information and click "Submit" to file your claim.
For additional tips, please click on the Security Center link at the
bottom of any PayPal page.
We appreciate your efforts to keep PayPal safe.
Sincerely,
PayPal Account Review Department
Joe
CONECA #N-3446
CONECA #N-3446
0
Comments
http://www.paypal.com/cgi-bin/webscr?cmd=_login-run
I have found one thing to look for is that paypal uses the secure server which always starts with "https://" so if any link doesnt have this it is a fake phishing email
the_northern_trading_company
ace@airadv.net
PayPal also uses the name on my account when they send me something. These spoofs usually are very generic. They have been getting better though. I send in everything first and then let them tell me if it's real or not, Ebay also.
Larry
Dabigkahuna
Edited for DOH!!! Spelling.
follow-up on these emails, or is it just a PR con-job?!
Anyone can set up an auto-responder to spit out a canned email after you
send something to the spoof address...
SFC, US Army (Ret.) 1974-1994