Don't be a Loser

[Hybrid_From_Hell]

Came home, tired and logged on, had a number of e-mails, inc this one :

Looked at it and wondered, it looked really genuine, it even has the site as www.paypal.com and then some other words etc...

so I clicked on the info button and saw this :

Now, this realy had me puzzled, it looks perfect to login to paypal, but still if you look at the pics you'll see the www is not quite what I would expect, plus they write as Dera PayPal user, not dear Nigel, which as they say is always a clue...

so I logged on the www.paypal.co.uk and reported the e-mail and queried it....

Fair doos to PP they came back pronto with the following e-mail :

Dear Nigel,

Thank you for contacting PayPal. We appreciate you bringing this

suspicious email to our attention.

Commonly referred to as phishing, these emails are sent by fraudsters in

an attempt to collect sensitive personal or financial information from

the recipients. PayPal takes phishing threats seriously. Our fraud

prevention specialists are working 24/7 to help protect you and enable

the community to stay safe.

After review, we can confirm that the email you received was not sent by

PayPal. Any website which may be linked to this email is not authorized

or used by PayPal.

Our fraud prevention team is working to disable any website linked to

this email. In the meantime, please do not enter any information into

this website. If you have already done so, you should immediately log

into your PayPal account and change your password, as well as your

security questions and answers. We also recommend that you contact your

bank and credit card company immediately.

If you notice any unauthorized activity on your PayPal account, please

report it to us by following the instructions below:

1. Log in to your account only from the PayPal website. Do not use

links provided in any email.

2. Click on the Security Center link at the bottom of the page.

3. Click on the 'Unauthorized Transaction' link under the Report a

Problem column.

4. Follow the instructions on this page in order to access the

appropriate form.

Lastly, we recommend taking a few steps to protect yourself from

identity theft:

> Download the SafetyBar, a toolbar for Outlook and Outlook Express,

which identifies known spoof emails.

> Get eBay Toolbar with Account Guard which warns you when you're on a

potentially fraudulent (spoof) Web site.

> Frequently monitor your account for suspicious activity.

For additional tips please visit the PayPal Security Center at

http://www.paypal.com/security.

Once again, thank you for reporting this suspicious email. Your

vigilance helps us in our efforts to protect the PayPal community. If

you have any further questions, please feel free to contact us again.

Sincerely,

PayPal

______________________________

Important: PayPal and its representatives will NEVER ask you to reveal

your password. There are NO EXCEPTIONS to this policy. If anyone

claiming to work for PayPal asks for your password under any

circumstances, by email or by phone, please refuse and immediately

contact us via our secure webform online.

************************************************************************

This

email is sent to you by the contracting entity to your User Agreement,

either PayPal Inc or PayPal (Europe) Limited. PayPal(Europe) Limited is

authorized and regulated by the Financial Services Authority in the UK

as an electronic money institution

BE VERY VERY CAREFULL

...........these scams for 'your money' get more sophisticated every day....

Nige

[western]

I've had similar to that from scamming t**ts Just be very carefull

[Guest MJG]

One of the best I've seen yet.

The only thing that would have alerted me too id the 'dear users of PayPal services' bit.

To me smacks of being something just a bit dodgy.

I'll wait to get mine as these things allways do the rounds in very large numbers on the basis that that they will send to many thousands and just a few folks will be taken in.

Many thanks for the tip off.........

[siggy]

Had One from ebayusa.com

asking to verify details Only problem was I've used ebay.co.uk and ebay.ca not America

was extremely tempted to fill it in with lots of gobblegook and things like

passwords:onlysadt**tsphish

however I resisted temptation and deleted it..........

[geoffbeaumont]

Had One from ebayusa.com

asking to verify details Only problem was I've used ebay.co.uk and ebay.ca not America

was extremely tempted to fill it in with lots of gobblegook and things like

passwords:onlysadt**tsphish

however I resisted temptation and deleted it..........

Easy rule to get round these - never, ever, click on a link from an email to a particularly sensitive site like paypal or your online banking. If you get an email telling you you need to login, type the site address directly in your browser (the normal address you log in to, not one from the email). If the email was genuine there will normally be some kind of alert on the actual site too. If not, the worst you've done is lost a couple of minutes of your time.

[LR90]

There are some very good advantages to reading all your emails in TEXT ONLY mode. Firstly it makes it much easier to spot attempts like this where the urls have names that don't corresponde to the label and also you will not be displaying images that can be used to confirm you have read the email (thereby confirming your email for even more spam attempts).

[TJ101]

well i had one on sat from "Paypal", to confirm a paypal payment for a plated rolex watch, from someone in the states,, with a valve of $190 it also had a clickable "Dispute Transaction" tab on the e-mail,,

Loged into paypal in the "proper" way,, and no payment had gone,, sent to spoof and got more or less the same mail as Nigel back,, confirming a phishing threat !!

Anyone eles bought a crappy watch ???

[MarkieB]

one way to avoid phishing at all: www.spamgourmet.com : you create a new Email adress for everyone you write to / every different purpose. The address is automatically set to limit the number of Emails sent to the address, up to a limit you specify, max 20, resettable. When the address gets onto a spam list, the address quickly reaches it's "limit", then all Emails to that address are eaten before they get to the forwarding Email address you specify.

For higher volume addresses such as your Ebay address, your paypal address, etcetera, to save needing to log in all the time to reset the number of Emails allowed, you specify www.paypal.co.uk / www.ebay.co.uk as exclusive senders for that address only . That way, spoof Emails, although they may spoof the sender as www.paypal.co.uk, can't spoof the address they write to; even though these addresses naturally get released to your trading partners, those are not normally the source of getting put on a spam list.

[Daan]

Thanks for this warning.

Daan

[Tonk]

had exactly the same mail as u nige, i didn't follow the link obviously . another mail i get is about i've registered another email address to my account, please follow link to verify etc etc, obviously i never do. i always go in through the website, never from a link in an email

[FridgeFreezer]

I use a different e-mail address for each company I register with, that way I can easily filter out their stuff and I know if I get an e-mail from eBay it will be sent to ebay@juracid... not my "normal" e-mail. It also means I know when a company sells my address to spammers - a couple of them attract an awful lot of spam and are now set to auto-delete

[Tonk]

yeah but i've only got 7 email addresses, any more i get confused

[GBMUD]

I do exactly the same as Fridgefreezer - and I only ever get spam/phishers on my ebay address. I can identify fake Paypal emails as they come to the wrong address.

Chris

[Guest MJG]

Mmmmm this is an interesting one.....

Got this from service@paypal.co.uk today.

Dear Martin XXXXXXX,

This email confirms that you have added the following address to your account:

Martin XXXXXXXX

XXXXXX

XXXXXX

XXXXXX

XXXXXX

(Replace all X's above with my genuine surname/home address)

Yours sincerely,

PayPal

Did you know:

EBAY HAS PRODUCTS FOR YOUR NEW HOME

* Lawn Mowers * Faucets * BBQs * Furniture

* Spas & Pools * Flowers * Lamps * Vacuum Cleaners

* Major Appliances * Plants * Tools * Wallpaper

Go to http://home.ebay.co.uk

PROTECT YOUR PASSWORD

NEVER give your password to anyone, including PayPal employees. Protect yourself against fraudulent websites by opening a new web browser (e.g. Internet Explorer or Netscape) and typing in the PayPal URL every time you log in to your account.

So as I was suspicious (as you would be as I hadn't recently moved house) I forwarded on to to spoof@paypal.co.uk and tonight I got an email back confirming this is a suspicious/dodgy email. The email also contained genuine looking logos and links.

But where did whoever sent this get my full name and address from (Previous seller on eBay perhaps??????)

and why send this as it did not ask me to click on any links or open any log in pages?????

As a result of this I reactivated the blocking of images in my email program (Thunderbird) tonight and later on subsequentlty recieved:-

Dear Martin Gilligan,

Are your financial details safe on the web? For peace of mind, shop securely with PayPal. We will never share your credit card or bank details with a seller. What's more, you can also make exclusive savings on leading UK websites.

Terms and Conditions apply. Please see merchant websites for further information.

At PhotoBox, print your 30 favourite digital photos FREE! Misco.co.uk. Free delivery for PayPal customers for a limited period. 33% off shipping for purchases of 3 or more items from 3M.

Free Express 2-3 working day Shipping on all items from Home's Best UK. 50% off total order shipping for 2 or more items from Blue Turtle. Great value Home and Garden items from Best Buys. 10% off your order!

Save £10 on special Valentine gifts from Roses Only.

Increase Your Safety

PayPal is dedicated to protecting you.

Learn more.

This PayPal notification was sent to martin.gilligan@XXXX (my x's) ntlworld.com. To unsubscribe, reply to this email and type "unsubscribe" in the subject line. To modify your notification preferences, log in to your PayPal account, click Profile, then click the Notifications link under Account Information. Changes may take up to 10 days to be reflected in our mailings. PayPal will not sell or rent any of your personally identifiable information to third parties. For more information about the security of your information, read our Privacy Policy at https://www.paypal.com/uk/privacy.

Copyright© 2006 PayPal (Europe) Ltd. All rights reserved. PayPal (Europe) Ltd. is authorised and regulated by the Financial Services Authority in the United Kingdom as an electronic money institution. PayPal FSA Register Number: 226056. Designated trademarks and brands are the property of their respective owners. Again the email was pitted with genuine looking PayPal logos and links.

Clicking on the link brought up a warning that Thunderbird thought this link was suspicious and may not be genuine and only etc etc etc.

So it seems they are getting good and your details are more susceptible than you might first think!!!!!!

Lets be careful out there............

[02GF74]

Nigel;

that looks quite genuine but notice the top banner - Cyrillic Windows!!! Those rouskies are at it again.

In short to everyone; never give password details. The genuine organisation does not need to know them and would nevere prompt for them; applies to all communications, e-mail, phone, written etc.

[Mark90]

Mmmmm this is an interesting one.....

Got this from service@paypal.co.uk today.

Dear Martin XXXXXXX,

This email confirms that you have added the following address to your account:

Martin XXXXXXXX

XXXXXX

XXXXXX

XXXXXX

XXXXXX

(Replace all X's above with my genuine surname/home address)

Yours sincerely,

PayPal

I got one of those too, thought it very odd as i hadn't added an new address and all the details where correct. Went straight in deleted items without opening or downloading the pictures. Odd thing was it arrived shortly after a reciept from paypal for a payment I'd had actually made.

[GBMUD]

In short to everyone; never give password details. The genuine organisation does not need to know them and would nevere prompt for them; applies to all communications, e-mail, phone, written etc.

Ebay send out genuine emails with links in them that, when you click them ask for your login details. As long as this goes on there will be fraud taking place. The email I am refering to is a question from a buyer with a "Respond now" link.

Chris

[FridgeFreezer]

On a slightly different note, I found this the other day which is very handy:

http://www.spywarewarrior.com/rogue_anti-spyware.htm

It's a list of all the programs & websites that claim to be anti-spyware but are actually fakes.

[Guest MJG]

I got one of those too, thought it very odd as i hadn't added an new address and all the details where correct. Went straight in deleted items without opening or downloading the pictures. Odd thing was it arrived shortly after a reciept from paypal for a payment I'd had actually made.

Now you come to mention it, same here.

??? problem witn PayPal's system,

but if it was their fault they wouldn't have subsequently identified it as a 'spoof'.

[Mark90]

Now you come to mention it, same here.

??? problem witn PayPal's system,

but if it was their fault they wouldn't have subsequently identified it as a 'spoof'.

If I'd thought before deleting it I'd have checked the header info against a genuine paypal e-mail to see if it came from the same place. I thought it strange that it had all my correct info in the e-mail. Check my paypal account and no unauthorised activity, will keep an eye on it though. I wasn't convinced it was a spoof/scam till you said paypal had said that.