OT - E-mail from PayPal

[aussiew]

I got an e-mail this morning from PayPall telling me they are updating their security software and need me to re-register. The damn thing looks SO REAL. i decided to err on the side of caution and press my "report spam" button(I have AOL) and didn't respond.

 

Has anyone else heard of this?

[theesir]

I got an e-mail this morning from PayPall telling me they are updating their security software and need me to re-register.  The damn thing looks SO REAL. i decided to err on the side of caution and press my "report spam" button(I have AOL) and didn't respond.

 

Has anyone else heard of this?

101489[/snapback]

This is a "phishing"email. You will be directed to a site that looks all official, enter your info and whoever set up the site can now log into your account.

 

 

RUN AWAY!!!!

[sweet baboo]

never go through the emails

[KD in CA]

I got an e-mail this morning from PayPall telling me they are updating their security software and need me to re-register.  The damn thing looks SO REAL. i decided to err on the side of caution and press my "report spam" button(I have AOL) and didn't respond.

 

Has anyone else heard of this?

101489[/snapback]

 

Sure have. It is a scam. They've been doing it with Citibank too lately. Beware of emails!

[mead107]

run forest run

[stevestojan]

The first sign is that Pay Pal will ALWAYS use your name in the email, not "dear maam" or "valued customer"

 

Also, if there is a problem with you paypal account, you can find out by logging in. Open a fresh browser, go to PayPal and login. No issues? The email is a scam.

 

Oh, and by the way, 99.9% of the time, it is a scam anyway.

[rockpile]

It is a documented scam: fightidentitytheft

[aussiew]

Thanks Steve. Now I remember reading something about using my real name. But I'm now realizing why people are starting to get duped. This one looked so professional, good graphics, no spelling or grammatical errors etc. It's a definite step up from those Nigerian faxes.

[stevestojan]

Thanks Steve.  Now I remember reading something about using my real name.  But I'm now realizing why people are starting to get duped.  This one looked so professional, good graphics, no spelling or grammatical errors etc. It's a definite step up from those Nigerian faxes.

101537[/snapback]

 

What's a fax?

 

 

[Dan Gross]

There's an interesting new twist on this scam. You'll get the e-mail from "Citibank" for instance, and the link in the e-mail actually ends up at Citibank's web site, by way of a redirection. It's their way of "pre-sniffing" for valid e-mail addresses, people who are stupid enough to click those links, actual Citibank customers, etc....

[aussiew]

It is a documented scam: fightidentitytheft

 

 

Rock: My letter was quite different from the one shown on this site.

[Lori]

Aussie, if you use the built-in AOL e-mail, anything sent from outside AOL will include a line that says "Sent from the Internet (Details)". Click on the "Details" link; that will give you the return path to the sender. I'm looking at a legit Paypal receipt right now, and the path includes "Received: from outbound1.den.paypal.com". Most phishes bounce back to an overseas address, or one of the free e-mail hosts.

 

And instead of just clicking the "spam" button, I'd suggest forwarding anything like that to spoof@paypal.com. (Ditto for spoof@ebay.com.) They try to follow up on them....

[Just Jack]

There are several I've seen like the one you probably got. Among them are Paypal, Citibank, Wells Fargo, HSBC, M&T, and others I can't remember.

[aussiew]

Most phishes bounce back to an overseas address, or one of the free e-mail hosts.

 

Great advice - thanks for your help Lori.

[stuckincincy]

There are several I've seen like the one you probably got. Among them are Paypal, Citibank, Wells Fargo, HSBC, M&T, and others I can't remember.

102044[/snapback]

 

I'd add that a while back, a scam hit Inet provider Earthlink, saying there was a problem with billing - need to verify card # etc. It looked very authentic. E-link sent out immediate messages to their customers about that and took steps to stop it.

[theesir]

All your login information are belong to us

[Fezmid]

Check out the consumer forums, specifically this thread (with links to security article and my security presentation I gave):

 

http://205.134.161.85/forums/index.php?showtopic=7560

 

It's VERY easy to make a site look like the "real thing." It's also easy with bugs in IE to make the toolbar LOOK like you're hitting the legit site. Take a look at this link:

 

http://www.fezam.com/citi/

 

I made that page in LITERALLY 10 seconds for my security class (took longer to make it look more "unofficial") Go to Citibank (or ANY website), and you can save all of the HTML code that makes up the page. Put that up on your own webserver, modify where the login info goes and you're done. Don't fall for it.

 

No company will EVER ask you to login to your account from an email for any reason. And as others have pointed out - if they do, always bring up a browser and MANUALLY type in the URL.

 

To be honest, I'm surprised that there hasn't been any worms that go through and actually change bookmarks for popular sites to point to spoofed phishing sites. It'd be trivial to write a program to go through someone's bookmarks and replace www.paypal.com (or citibank.com, etc) with www.mystealinghost.com. People generally use bookmarks to access their sites and probably wouldn't look at the location bar to make sure they were really there. Sneaky and would be easy to implment and would catch a LOT of people I'd bet...

 

Anyway, good for you for not falling for their tricks!

 

CW

[Nanker]

Thank heavens you did the right thing and reported the spam.

The only known antidote if you had followed their instructions is to send nekkid pictures of yourself to 25,000 of your friends on the Internet.

 

Take my word for it. Taterhill didn't and look what happened to him!