I received the following E-Mail: ----------------------------------- "Dear paypal user, We would like to inform you that we are upgrading our server to install a better protection software. So please click here and fill in the registration form again to renew your account. Paypal Administration. Thank you for a using PayPal! About | Accounts | Fees | Privacy | Security Center | User Agreement | Developers | Referrals | Shops Copyright © 1999-2003 PayPal. All rights reserved. Information about FDIC pass-through insurance" --------------------------------------------- ....completely in the look and feel of Paypal. They use a security hole in Internet Explorer, the same that was posted in the "Browser of choice" thread here in the Hangout. It shows www.paypal.com as the URL in the address bar. However, this e-mail is not from PayPal. The sender is "PayPal [verification@paypal.com]" - fake. I did a whois search on the IP address that is behind the fake address in the address bar and that did not return PayPal. The thing is - they used my e-mail address that I use for PayPal to send me this e-mail. I only really use this e-mail address here, at PayPal, for fantasy basketball and for a few software purchases I made online. I have never really received spam to the e-mail address either. I don't know how they could know that I use the e-mail address for PayPal or if it was just a coincidence that that mail happened to come to that address (I use several e-mail addresses). Maybe there is someone inside PayPal that sells data or whatever. I don't know. Anyway, just wanted to warn you - if you are not addressed by your name in the e-mail - don't believe it really is from PayPal. Do not enter anything after clicking on a link in the e-mail. If you have to do something with PayPal, type in the address manually or go there from your Favorites. ------------------------------------------- Here is a link to the security advisory from PayPal: http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/email-security-outside "Protect Yourself from Fraudulent Emails and Websites At PayPal, protecting your account's security is our top priority. Recently, PayPal members have reported suspicious-looking emails and fake websites. These emails are not from PayPal and responding to them may put your account at risk. Please protect your PayPal account by paying close attention to the emails you receive and the websites you visit. Please use the following tips to stay safe with PayPal: Safe Log In: To log in to your PayPal account or access the PayPal website, open a new web browser (e.g., Internet Explorer or Netscape) and type in the following: https://www.paypal.com/ Greeting: Emails from PayPal will address you by your first and last name or the business name associated with your PayPal account. Fraudulent emails often include the salutation "Dear PayPal User" or "Dear PayPal Member". Email Attachments: PayPal emails will never ask you to download an attachment or a software program. Attachments contained in fraudulent emails often contain viruses that may harm your computer or compromise your PayPal account. Request for Personal Information: If we require information from you, we will notify you in an email and request that you enter the information only after you have safely and securely logged in to your PayPal account. Often, fraudulent emails will request details such as your full name, account password, credit card number, bank account, PIN number, Social Security Number, or mother's maiden name. If you think that you have received a fraudulent email (or fake website), please forward the email (or URL address) to spoof@paypal.com and then delete the email from your mailbox. Never click any links or attachments in a suspicious email. To learn more about protecting your PayPal account, please review our Security Tips."
I think that this scam is just being sent out to everyone's email address they can think up. My wife is not a PayPal user and she got the same email. I got it about a month ago and reported it to Paypal. Then I replied to the sender and dropped a nice big F-bomb on them.
Thanks for the warning. That's similar to an e-mail I was getting a few months back. Only it was claiming to be from Ebay. I got two or three a day for about week.
Same thing as the 'the FDIC has frozen your bank account' e-mails that are going around. They use what looks like www.FDIC.gov, but is really routed to some IP address.
thanks for the info chiles...i got that email as well, but luckily im too lazy to open up anything that doesnt have real importance
I knew it. I got this same e-mail and was very suspicious. I ignored it and considered reporting them to paypal. thanks for the heads up.
Spammers and Scammers are getting pretty good. I got an email from Mike Scott yesterday. Had to check it out. I don't trust to any emails anymore. I go straight to the web site or call the company to be sure.
