Guest Posted July 6, 2004 Share Posted July 6, 2004 I recieved an apparrent email from Paypal: Dear *****@*****.com, (I HID THIS) We recently reviewed your account, and suspect that your PayPal account may have been accessed by an unauthorized third party. Protecting the security of your account and of the PayPal network is our primary concern. Therefore, as a prevention measure, we have temporarely limited access to sensitive PayPal account features. Please click on the link below to confirm your information: https://www.paypal.com/cgi-bin/webscr?cmd=_login-run For more information about how to protect your account, please visit PayPal's Security Center, accessible via the "Security Center" link located at the bottom of each page of the PayPal website. We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire PayPal system. Thank you for your prompt attention to this matter. Sincerely, The PayPal Fraud Management Team Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the header of any page. Copyright© 2004 PayPal, Inc. All rights reserved. Designated trademarks and brands are the property of their respective owners. I thought it was strange as when I hovered over the URL in the email, this address came up as an ALT tab: DO NOT ACCESS IT UNLESS YOU ARE SURE YOU KNOW WHAT YOU ARE DOING! {LINK REMOVED} This is not a Paypal domain!!!!!!!!! If you do access it, DO NOT enter your user name and password! I suspect that they are trying to steal your access to PayPal!!! The IP address belongs to: Search results for: 80.25.111.151 OrgName: RIPE Network Coordination Centre OrgID: RIPE Address: Singel 258 Address: 1016 AB City: Amsterdam StateProv: PostalCode: Country: NL ReferralServer: whois://whois.ripe.net:43 NetRange: 80.0.0.0 - 80.255.255.255 CIDR: 80.0.0.0/8 NetName: 80-RIPE NetHandle: NET-80-0-0-0-1 Parent: NetType: Allocated to RIPE NCC NameServer: NS-PRI.RIPE.NET NameServer: NS3.NIC.FR NameServer: SUNIC.SUNET.SE NameServer: AUTH62.NS.UU.NET NameServer: SEC1.APNIC.NET NameServer: SEC3.APNIC.NET NameServer: TINNIE.ARIN.NET Comment: These addresses have been further assigned to users in Comment: the RIPE NCC region. Contact information can be found in Comment: the RIPE database at http://www.ripe.net/whois RegDate: Updated: 2004-03-16 Or look it up here: http://www.ripe.net/perl/whois?form_type=s...o_search=Search Take Care!!! Link to comment Share on other sites More sharing options...
Guest Posted July 6, 2004 Share Posted July 6, 2004 Thanks for the heads up. Link to comment Share on other sites More sharing options...
Guest Posted July 6, 2004 Share Posted July 6, 2004 Just an update... I reported this to Paypal... here's their reply: Dear *** ***, Thank you for bringing this possibly fraudulent website/email to our attention. Please be sure the following is included: 1. A copy of the suspicious email that was received 2. If the email contained a link to a website, the link that was included 3. The email address of the person who sent the suspicious email Rest assured, PayPal will take immediate and appropriate action on the matter. If you have surrendered financial information or password information to the website/email, report this to your financial institutions, and immediately change your passwords and secret answers. If you find any unauthorized changes on any account, report the occurrence immediately! To file a claim of Unauthorized Use of Your PayPal Account, click here: https://www.paypal.com/wf/f=sa_unauth If you can no longer access your PayPal Account, use the following instructions*. If you still cannot access your PayPal Account after following these instructions, click here: https://www.paypal.com/ewf/f=sa_unauth If you have sent a payment, but believe the seller to be fraudulent, or have not received product, please log in to your PayPal Account, click 'Security Center', click the 'Buyer Complaint Form' and follow the instructions. DO NOT reply to this email as no one is assigned to respond to this automatic email. If this is a PayPal transaction showing up on your Credit Card or Bank Statement that is NOT on your PayPal Account, please call 1-402-935-7733 and request to be transferred to Resolution Services. Please note, only reports of stolen Credit Cards and stolen Bank Accounts will be handled by phone. All other reports will only be acted on if emailed via appropriate webform. DO NOT reply to this email as no one is assigned to respond to this automatic email. If your problem is not one of the above scenarios, then please contact us at https://www.paypal.com/wf/f=default or https://www.paypal.com/ewf/f=default. *We have developed a process by which you can regain access to your PayPal Account by confirming some of the information you gave when registering for your account. Please follow the instructions below, which will guide you through the rest of the process.  1. Visit https://www.paypal.com/ and click the 'Forget Your Password?' link located under the box provided (you may have to first click a 'Log In' button if our system does not recognize the computer you are using) 2. On the page that appears, enter your email address in the box provided and click 'Submit'. The email address entered must be an email address you have added to your PayPal Account 3. An email containing a hypertext link along with additional instructions will be automatically sent to the email address you entered in Step 2. Click the link 4. You will be asked to verify your identity by answering questions based on your account information   * Please note that if you are requested to answer your Security Questions to verify your identity, both questions must be answered 5. Click 'Submit' Once you have successfully verified your identity, you can change your password and access your account immediately. We suggest that you also review your Profile information and make any necessary updates. If you cannot verify your identity, click the 'fax information' link on the 'Verify Your Identity' page for further instructions to recover your password. **To change either your password or your security questions, please follow the instructions below: 1. Click https://www.paypal.com/PW-PROF or copy and paste the entire link into the address bar 2. Select either 'Password' or 'Security Question' and click the 'Edit' button 3. You may be asked to confirm ownership of the account by answering questions based on your account information 4. Click 'Submit' 5. Type your current password in the 'Current Password' box, either type your new password into the 'New Password' and 'Retype Password' boxes, or select your new security questions and enter the answers. Please note, passwords are case sensitive and must be at least 8 characters. Also, make sure that your CAPS LOCK is not on when you set your password 8. Click 'Save' to complete the change To ensure your security, please utilize these habits when logging into your PayPal account. 7 Always check the URL shown in your browser window. PayPal-hosted pages always begin with https://www.paypal.com/ 7 Additionally, if the URL begins with 'https' rather than 'http' this shows you have a secure connection with PayPal 7 Never enter a PayPal password into a page that does not begin with <https://www.paypal.com/> PayPal and its representatives will NEVER ask you to reveal your password. There are NO EXCEPTIONS to this policy. If anyone claiming to work for PayPal asks for your password under any circumstances, by email or by phone, please refuse and immediately contact us via webform at https://www.paypal.com/wf/f=sa_pass. Thank you for contacting PayPal. If you have any further questions, please feel free to contact us again. This email is sent to you by the contracting entity to your User Agreement, either PayPal Inc or PayPal (Europe) Limited. PayPal(Europe) Limited is authorised and regulated by the Financial Services Authority in the UK as an electronic money institution. I'll keep you updated! Link to comment Share on other sites More sharing options...
Al Brookbanks Posted July 6, 2004 Share Posted July 6, 2004 I have had this in my email before and a similar one to update my ebay credit card info. I hope they get banged up for years!! Link to comment Share on other sites More sharing options...
Guest Posted July 6, 2004 Share Posted July 6, 2004 I have had this in my email before and a similar one to update my ebay credit card info. I hope they get banged up for years!! Well here's another follow upfrom their ISP: Subject: Paypal hacking We wish to thank you for your message in which you informed us about an incident with our Internet service. Your message has been registered under number: N04-392006 In addition, we would like to inform you that we are taking measures to approach the problem in order to prevent it from happening again in the future. For any question or any another issue, please contact us on our email [email protected] or [email protected]. Best regards. Español: Asunto: Paypal hacking Hemos recibido su queja, que ha sido registrada con el nº N04-392006, en la que nos comunicaba una incidencia relacionada con Internet. Al respecto, le informo que estamos procediendo a tomar las acciones que entendemos pertinentes, para que estos hechos no vuelvan a producirse. Le agradecemos su información y le recordamos que si vuelve a producirse algún hecho de esta naturaleza, estamos a su disposición en nuestro email [email protected] o [email protected] Maybe something good (bad) will happen to them :whistle: Link to comment Share on other sites More sharing options...
Guest Mini Posted July 6, 2004 Share Posted July 6, 2004 We get roughly a dozen of these emails every week. Not just proprorting to be from ebay either; we've had them from ebay, Citibank, USbank, Visa - even supposedly from ISPs. There is a pretty simple way to spot most spoof emails. Ebay or Paypal will address you by your name; eg. Dear Mr Brookbanks - spoofs will always say Dear Paypal USer or Customer. Its not a 100% foolproof way of spotting spoofs but it should set some alarm bells ringing in your head. Link to comment Share on other sites More sharing options...
Guest Posted July 8, 2004 Share Posted July 8, 2004 Thank for the warning Mini .. Also I read the longer e-mail they have sent you and I was surprised to actually finally see what PayPal's phone number was! I searched all over their site and I never found it. -Tim Link to comment Share on other sites More sharing options...
Guest cupboard Posted July 13, 2004 Share Posted July 13, 2004 forward any suspicious emails to [email protected] or [email protected] respectively prior to clicking, acting on it, or anything. They will respond within 24 hours letting you know if it is them or not. Although, in my experience, it never is. I have sent dozens to them and it always comes back that it was fake. Paypal and ebay advise that they will never require you to click on a URL in an email. Everything you need to do with either can be accomplished by logging into their site. So if it says you need to update your account, just log into your account (by entering the address in your browser, not by clicking anything) and check your account. If everything looks fine, it probably is. If you are unsure, just forward the email to the spoof@ address I mentioned and wait for a response before proceeding. Thanks Selena Link to comment Share on other sites More sharing options...
Recommended Posts