FAKE PAYPAL EMAILS
Here's an example of the text in the fake PayPal phishing scams...
From: PayPal
To: XXXXXXXXXXXXXXXXXXXXXXXX
CC:
Subject: Account Review Team
Date: Wed, 12 Oct 2005 00:52:20 +0200 (CEST)
Return-Path:
Delivered-To: XXXXXXXXXXXXXXXXXXXX
Received: (qmail 25786 invoked by uid 0); 12 Oct 2005 00:27:43 -0000
X-Ob-Received: from unknown (192.168.9.26) by mta1-7.us4.outblaze.com; 12 Oct 2005 00:27:43 -0000
Received: from theta.ibone.ch (theta.dynamic-net.ch [213.203.212.82]) by spf4.us4.outblaze.com (Postfix) with ESMTP id 8033518B556 for Oct 2005 00:27:42 +0000 (GMT)
Received: by theta.ibone.ch (theta.ibone.ch, from userid 958) id F10E2196AA93; Wed, 12 Oct 2005 00:52:20 +0200 (CEST)
Content-Type: text/html
Message-Id: <20051011225220.F10E2196AA93@theta.ibone.ch>
PayPal is committed to maintaining a safe environment for its community of customers. To protect the security of your account, PayPal employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the PayPal system for unusual activity.
We are contacting you because on 11 Oct 2005 our Account Review Team identified some unusual activity in your account. In accordance with PayPal's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved.
To secure your account and quickly restore full access, we may require some additional information from you for the following reason:
We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card.
This process is mandatory, and if not completed within the nearest time your account or credit card may be subject for temporary suspension.
To securely confirm your PayPal information please click on the link bellow:
https://www.paypal.com/cgi-bin/webscr?cmd=_login-run
We encourage you to log in and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure.
For more information about how to protect your account please visit PayPal Security Center. We apologize for any incovenience this may cause, and we apriciate your assistance in helping us to maintain the integrity of the entire PayPal system.
Thank you for using PayPal!
The PayPal Team
*************
These emails are sent in HTML format with images stolen from PayPal's legitimite website. Unfortunately, I'm sure a lot of people actually fall for this phishing scam and give these S.O.B.'s their PayPal password and account information.
A careful review of the email will notice the misspellings (a common occurrance with such emails - - odd that they're smart enough to create a realistic-appearing message from PayPal, but too stupid to use proper spelling and grammar). While the link in the text appears to be to a legitimate PayPal webpage, a quick mouseover (without clicking) reveals that it actually connects to another website. I haven't included that link in this message, as I don't want any of my site's visitors to click on it by mistake; but I did forward it to the United States government agency that investigates these matters, as well as to PayPal's spoof department (spoof@paypal.com).
Another dead giveaway is this claim: "This process is mandatory, and if not completed within the nearest time your account or credit card may be subject for temporary suspension." These scammers typically use threatening language to scare you into obedience. Legitimate financial institutions will never force you to follow such procedures. And the use of the phrase "within the nearest time" as the deadline demonstrates that the writer is not only ignorant of the proper use of the English language, but also of the usage of vague deadlines.
Despite the fact that I don't have, nor have I ever had, a PayPal account, these fraudsters continue to go phishing in my e-pond. Needless to say, I won't be taking the bait. I hope you won't either. If you ever get an email you suspect is from your legitimite financial institution, give them a call on the telephone to verify it. Don't EVER click on a link sent to you in one of these emails and don't call the phone numbers they give you. Look it up in your local phone book and call your bank yourself. Don't take for granted any information you get in one of these emails. Remember, their goal is to RIP YOU OFF! Don't let them.
From: PayPal
To: XXXXXXXXXXXXXXXXXXXXXXXX
CC:
Subject: Account Review Team
Date: Wed, 12 Oct 2005 00:52:20 +0200 (CEST)
Return-Path:
Delivered-To: XXXXXXXXXXXXXXXXXXXX
Received: (qmail 25786 invoked by uid 0); 12 Oct 2005 00:27:43 -0000
X-Ob-Received: from unknown (192.168.9.26) by mta1-7.us4.outblaze.com; 12 Oct 2005 00:27:43 -0000
Received: from theta.ibone.ch (theta.dynamic-net.ch [213.203.212.82]) by spf4.us4.outblaze.com (Postfix) with ESMTP id 8033518B556 for
Received: by theta.ibone.ch (theta.ibone.ch, from userid 958) id F10E2196AA93; Wed, 12 Oct 2005 00:52:20 +0200 (CEST)
Content-Type: text/html
Message-Id: <20051011225220.F10E2196AA93@theta.ibone.ch>
PayPal is committed to maintaining a safe environment for its community of customers. To protect the security of your account, PayPal employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the PayPal system for unusual activity.
We are contacting you because on 11 Oct 2005 our Account Review Team identified some unusual activity in your account. In accordance with PayPal's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved.
To secure your account and quickly restore full access, we may require some additional information from you for the following reason:
We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card.
This process is mandatory, and if not completed within the nearest time your account or credit card may be subject for temporary suspension.
To securely confirm your PayPal information please click on the link bellow:
https://www.paypal.com/cgi-bin/webscr?cmd=_login-run
We encourage you to log in and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure.
For more information about how to protect your account please visit PayPal Security Center. We apologize for any incovenience this may cause, and we apriciate your assistance in helping us to maintain the integrity of the entire PayPal system.
Thank you for using PayPal!
The PayPal Team
*************
These emails are sent in HTML format with images stolen from PayPal's legitimite website. Unfortunately, I'm sure a lot of people actually fall for this phishing scam and give these S.O.B.'s their PayPal password and account information.
A careful review of the email will notice the misspellings (a common occurrance with such emails - - odd that they're smart enough to create a realistic-appearing message from PayPal, but too stupid to use proper spelling and grammar). While the link in the text appears to be to a legitimate PayPal webpage, a quick mouseover (without clicking) reveals that it actually connects to another website. I haven't included that link in this message, as I don't want any of my site's visitors to click on it by mistake; but I did forward it to the United States government agency that investigates these matters, as well as to PayPal's spoof department (spoof@paypal.com).
Another dead giveaway is this claim: "This process is mandatory, and if not completed within the nearest time your account or credit card may be subject for temporary suspension." These scammers typically use threatening language to scare you into obedience. Legitimate financial institutions will never force you to follow such procedures. And the use of the phrase "within the nearest time" as the deadline demonstrates that the writer is not only ignorant of the proper use of the English language, but also of the usage of vague deadlines.
Despite the fact that I don't have, nor have I ever had, a PayPal account, these fraudsters continue to go phishing in my e-pond. Needless to say, I won't be taking the bait. I hope you won't either. If you ever get an email you suspect is from your legitimite financial institution, give them a call on the telephone to verify it. Don't EVER click on a link sent to you in one of these emails and don't call the phone numbers they give you. Look it up in your local phone book and call your bank yourself. Don't take for granted any information you get in one of these emails. Remember, their goal is to RIP YOU OFF! Don't let them.
posted by Kevin Lauer at 7:52 PM
0 comments
