Hybrid_From_Hell Posted January 25, 2006 Share Posted January 25, 2006 Came home, tired and logged on, had a number of e-mails, inc this one : Looked at it and wondered, it looked really genuine, it even has the site as www.paypal.com and then some other words etc... so I clicked on the info button and saw this : Now, this realy had me puzzled, it looks perfect to login to paypal, but still if you look at the pics you'll see the www is not quite what I would expect, plus they write as Dera PayPal user, not dear Nigel, which as they say is always a clue... so I logged on the www.paypal.co.uk and reported the e-mail and queried it.... Fair doos to PP they came back pronto with the following e-mail : Dear Nigel, Thank you for contacting PayPal. We appreciate you bringing this suspicious email to our attention. Commonly referred to as phishing, these emails are sent by fraudsters in an attempt to collect sensitive personal or financial information from the recipients. PayPal takes phishing threats seriously. Our fraud prevention specialists are working 24/7 to help protect you and enable the community to stay safe. After review, we can confirm that the email you received was not sent by PayPal. Any website which may be linked to this email is not authorized or used by PayPal. Our fraud prevention team is working to disable any website linked to this email. In the meantime, please do not enter any information into this website. If you have already done so, you should immediately log into your PayPal account and change your password, as well as your security questions and answers. We also recommend that you contact your bank and credit card company immediately. If you notice any unauthorized activity on your PayPal account, please report it to us by following the instructions below: 1. Log in to your account only from the PayPal website. Do not use links provided in any email. 2. Click on the Security Center link at the bottom of the page. 3. Click on the 'Unauthorized Transaction' link under the Report a Problem column. 4. Follow the instructions on this page in order to access the appropriate form. Lastly, we recommend taking a few steps to protect yourself from identity theft: > Download the SafetyBar, a toolbar for Outlook and Outlook Express, which identifies known spoof emails. > Get eBay Toolbar with Account Guard which warns you when you're on a potentially fraudulent (spoof) Web site. > Frequently monitor your account for suspicious activity. For additional tips please visit the PayPal Security Center at http://www.paypal.com/security. Once again, thank you for reporting this suspicious email. Your vigilance helps us in our efforts to protect the PayPal community. If you have any further questions, please feel free to contact us again. Sincerely, PayPal ______________________________ Important: PayPal and its representatives will NEVER ask you to reveal your password. There are NO EXCEPTIONS to this policy. If anyone claiming to work for PayPal asks for your password under any circumstances, by email or by phone, please refuse and immediately contact us via our secure webform online. ************************************************************************ This email is sent to you by the contracting entity to your User Agreement, either PayPal Inc or PayPal (Europe) Limited. PayPal(Europe) Limited is authorized and regulated by the Financial Services Authority in the UK as an electronic money institution BE VERY VERY CAREFULL ...........these scams for 'your money' get more sophisticated every day.... Nige Quote Link to comment Share on other sites More sharing options...
western Posted January 25, 2006 Share Posted January 25, 2006 I've had similar to that from scamming t**ts Just be very carefull Quote Link to comment Share on other sites More sharing options...
Guest MJG Posted January 25, 2006 Share Posted January 25, 2006 One of the best I've seen yet. The only thing that would have alerted me too id the 'dear users of PayPal services' bit. To me smacks of being something just a bit dodgy. I'll wait to get mine as these things allways do the rounds in very large numbers on the basis that that they will send to many thousands and just a few folks will be taken in. Many thanks for the tip off......... Quote Link to comment Share on other sites More sharing options...
siggy Posted January 25, 2006 Share Posted January 25, 2006 Had One from ebayusa.com asking to verify details Only problem was I've used ebay.co.uk and ebay.ca not America was extremely tempted to fill it in with lots of gobblegook and things like passwords:onlysadt**tsphish however I resisted temptation and deleted it.......... Quote Link to comment Share on other sites More sharing options...
geoffbeaumont Posted January 25, 2006 Share Posted January 25, 2006 Had One from ebayusa.comasking to verify details Only problem was I've used ebay.co.uk and ebay.ca not America was extremely tempted to fill it in with lots of gobblegook and things like passwords:onlysadt**tsphish however I resisted temptation and deleted it.......... Easy rule to get round these - never, ever, click on a link from an email to a particularly sensitive site like paypal or your online banking. If you get an email telling you you need to login, type the site address directly in your browser (the normal address you log in to, not one from the email). If the email was genuine there will normally be some kind of alert on the actual site too. If not, the worst you've done is lost a couple of minutes of your time. Quote Link to comment Share on other sites More sharing options...
LR90 Posted January 25, 2006 Share Posted January 25, 2006 There are some very good advantages to reading all your emails in TEXT ONLY mode. Firstly it makes it much easier to spot attempts like this where the urls have names that don't corresponde to the label and also you will not be displaying images that can be used to confirm you have read the email (thereby confirming your email for even more spam attempts). Quote Link to comment Share on other sites More sharing options...
TJ101 Posted January 25, 2006 Share Posted January 25, 2006 well i had one on sat from "Paypal", to confirm a paypal payment for a plated rolex watch, from someone in the states,, with a valve of $190 it also had a clickable "Dispute Transaction" tab on the e-mail,, Loged into paypal in the "proper" way,, and no payment had gone,, sent to spoof and got more or less the same mail as Nigel back,, confirming a phishing threat !! Anyone eles bought a crappy watch ??? Quote Link to comment Share on other sites More sharing options...
MarkieB Posted January 26, 2006 Share Posted January 26, 2006 one way to avoid phishing at all: www.spamgourmet.com : you create a new Email adress for everyone you write to / every different purpose. The address is automatically set to limit the number of Emails sent to the address, up to a limit you specify, max 20, resettable. When the address gets onto a spam list, the address quickly reaches it's "limit", then all Emails to that address are eaten before they get to the forwarding Email address you specify. For higher volume addresses such as your Ebay address, your paypal address, etcetera, to save needing to log in all the time to reset the number of Emails allowed, you specify www.paypal.co.uk / www.ebay.co.uk as exclusive senders for that address only . That way, spoof Emails, although they may spoof the sender as www.paypal.co.uk, can't spoof the address they write to; even though these addresses naturally get released to your trading partners, those are not normally the source of getting put on a spam list. Quote Link to comment Share on other sites More sharing options...
Daan Posted January 26, 2006 Share Posted January 26, 2006 Thanks for this warning. Daan Quote Link to comment Share on other sites More sharing options...
Tonk Posted January 26, 2006 Share Posted January 26, 2006 had exactly the same mail as u nige, i didn't follow the link obviously . another mail i get is about i've registered another email address to my account, please follow link to verify etc etc, obviously i never do. i always go in through the website, never from a link in an email Quote Link to comment Share on other sites More sharing options...
FridgeFreezer Posted January 26, 2006 Share Posted January 26, 2006 I use a different e-mail address for each company I register with, that way I can easily filter out their stuff and I know if I get an e-mail from eBay it will be sent to ebay@juracid... not my "normal" e-mail. It also means I know when a company sells my address to spammers - a couple of them attract an awful lot of spam and are now set to auto-delete Quote Link to comment Share on other sites More sharing options...
Tonk Posted January 26, 2006 Share Posted January 26, 2006 yeah but i've only got 7 email addresses, any more i get confused Quote Link to comment Share on other sites More sharing options...
GBMUD Posted January 26, 2006 Share Posted January 26, 2006 I do exactly the same as Fridgefreezer - and I only ever get spam/phishers on my ebay address. I can identify fake Paypal emails as they come to the wrong address. Chris Quote Link to comment Share on other sites More sharing options...
Guest MJG Posted January 26, 2006 Share Posted January 26, 2006 Mmmmm this is an interesting one..... Got this from service@paypal.co.uk today. Dear Martin XXXXXXX, This email confirms that you have added the following address to your account: Martin XXXXXXXX XXXXXX XXXXXX XXXXXX XXXXXX (Replace all X's above with my genuine surname/home address) Yours sincerely, PayPal Did you know: EBAY HAS PRODUCTS FOR YOUR NEW HOME * Lawn Mowers * Faucets * BBQs * Furniture * Spas & Pools * Flowers * Lamps * Vacuum Cleaners * Major Appliances * Plants * Tools * Wallpaper Go to http://home.ebay.co.uk PROTECT YOUR PASSWORD NEVER give your password to anyone, including PayPal employees. Protect yourself against fraudulent websites by opening a new web browser (e.g. Internet Explorer or Netscape) and typing in the PayPal URL every time you log in to your account. So as I was suspicious (as you would be as I hadn't recently moved house) I forwarded on to to spoof@paypal.co.uk and tonight I got an email back confirming this is a suspicious/dodgy email. The email also contained genuine looking logos and links. But where did whoever sent this get my full name and address from (Previous seller on eBay perhaps??????) and why send this as it did not ask me to click on any links or open any log in pages????? As a result of this I reactivated the blocking of images in my email program (Thunderbird) tonight and later on subsequentlty recieved:- Dear Martin Gilligan, Are your financial details safe on the web? For peace of mind, shop securely with PayPal. We will never share your credit card or bank details with a seller. What's more, you can also make exclusive savings on leading UK websites. Terms and Conditions apply. Please see merchant websites for further information. At PhotoBox, print your 30 favourite digital photos FREE! Misco.co.uk. Free delivery for PayPal customers for a limited period. 33% off shipping for purchases of 3 or more items from 3M. Free Express 2-3 working day Shipping on all items from Home's Best UK. 50% off total order shipping for 2 or more items from Blue Turtle. Great value Home and Garden items from Best Buys. 10% off your order! Save £10 on special Valentine gifts from Roses Only. Increase Your Safety PayPal is dedicated to protecting you. Learn more. This PayPal notification was sent to martin.gilligan@XXXX (my x's) ntlworld.com. To unsubscribe, reply to this email and type "unsubscribe" in the subject line. To modify your notification preferences, log in to your PayPal account, click Profile, then click the Notifications link under Account Information. Changes may take up to 10 days to be reflected in our mailings. PayPal will not sell or rent any of your personally identifiable information to third parties. For more information about the security of your information, read our Privacy Policy at https://www.paypal.com/uk/privacy. Copyright© 2006 PayPal (Europe) Ltd. All rights reserved. PayPal (Europe) Ltd. is authorised and regulated by the Financial Services Authority in the United Kingdom as an electronic money institution. PayPal FSA Register Number: 226056. Designated trademarks and brands are the property of their respective owners. Again the email was pitted with genuine looking PayPal logos and links. Clicking on the link brought up a warning that Thunderbird thought this link was suspicious and may not be genuine and only etc etc etc. So it seems they are getting good and your details are more susceptible than you might first think!!!!!! Lets be careful out there............ Quote Link to comment Share on other sites More sharing options...
02GF74 Posted January 27, 2006 Share Posted January 27, 2006 Nigel; that looks quite genuine but notice the top banner - Cyrillic Windows!!! Those rouskies are at it again. In short to everyone; never give password details. The genuine organisation does not need to know them and would nevere prompt for them; applies to all communications, e-mail, phone, written etc. Quote Link to comment Share on other sites More sharing options...
Mark90 Posted January 27, 2006 Share Posted January 27, 2006 Mmmmm this is an interesting one.....Got this from service@paypal.co.uk today. Dear Martin XXXXXXX, This email confirms that you have added the following address to your account: Martin XXXXXXXX XXXXXX XXXXXX XXXXXX XXXXXX (Replace all X's above with my genuine surname/home address) Yours sincerely, PayPal I got one of those too, thought it very odd as i hadn't added an new address and all the details where correct. Went straight in deleted items without opening or downloading the pictures. Odd thing was it arrived shortly after a reciept from paypal for a payment I'd had actually made. Quote Link to comment Share on other sites More sharing options...
GBMUD Posted January 27, 2006 Share Posted January 27, 2006 In short to everyone; never give password details. The genuine organisation does not need to know them and would nevere prompt for them; applies to all communications, e-mail, phone, written etc. Ebay send out genuine emails with links in them that, when you click them ask for your login details. As long as this goes on there will be fraud taking place. The email I am refering to is a question from a buyer with a "Respond now" link. Chris Quote Link to comment Share on other sites More sharing options...
FridgeFreezer Posted January 27, 2006 Share Posted January 27, 2006 On a slightly different note, I found this the other day which is very handy: http://www.spywarewarrior.com/rogue_anti-spyware.htm It's a list of all the programs & websites that claim to be anti-spyware but are actually fakes. Quote Link to comment Share on other sites More sharing options...
Guest MJG Posted January 27, 2006 Share Posted January 27, 2006 I got one of those too, thought it very odd as i hadn't added an new address and all the details where correct. Went straight in deleted items without opening or downloading the pictures. Odd thing was it arrived shortly after a reciept from paypal for a payment I'd had actually made. Now you come to mention it, same here. ??? problem witn PayPal's system, but if it was their fault they wouldn't have subsequently identified it as a 'spoof'. Quote Link to comment Share on other sites More sharing options...
Mark90 Posted January 27, 2006 Share Posted January 27, 2006 Now you come to mention it, same here.??? problem witn PayPal's system, but if it was their fault they wouldn't have subsequently identified it as a 'spoof'. If I'd thought before deleting it I'd have checked the header info against a genuine paypal e-mail to see if it came from the same place. I thought it strange that it had all my correct info in the e-mail. Check my paypal account and no unauthorised activity, will keep an eye on it though. I wasn't convinced it was a spoof/scam till you said paypal had said that. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.