Mudita Journal

PayPal Spam Fraud

June 24, 2003 · Filed under: Personal

I just received an e-mail, purportedly from service@paypal.com, that is almost certainly fraudulent. Here is the message, for anyone who’s curious (I had to change some of the carets to brackets to prevent hiccups with Movable Type):

Return-Path:
Received: from [66.150.163.153] (HELO b1) by spamarrest.com (CommuniGate Pro SMTP 4.0.3) with ESMTP id 8635663 for jzader; Tue, 24 Jun 2003 13:38:20 -0700
Return-Path: [service@paypal.com]
Delivered-To: zaderc-joshua@zader.com
Received: (qmail 8363 invoked from network); 24 Jun 2003 20:20:02 -0000
Received: from unknown (HELO ns1.networkshosting.com) (66.96.128.2) by www11.fatcow.com with SMTP; 24 Jun 2003 20:20:02 -0000
Received: (qmail 24804 invoked from network); 24 Jun 2003 20:21:39 -0000
Received: from unknown (HELO paypal.com) (202.103.246.237) by ns1.fatcow.com with SMTP; 24 Jun 2003 20:21:39 -0000
Date: Wed, 25 Jun 2003 04:22:48 +0000
From: Service [service@paypal.com]
Subject: PayPal Account Security Measures [#35742580]
To: Joshua [joshua@zader.com]
References: [F52CLDJA0CLCE339@zader.com]
In-Reply-To: [F52CLDJA0CLCE339@zader.com]
Message-ID: [9L90D016BD6EEHK6@paypal.com]
Reply-To: Service [service@paypal.com]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit

[PayPal Logo]

Security Measures
Dear Paypal Member.

We are currently performing regular maintenance of our security measures. Your account has been randomly selected for this maintenance, and you will now be taken through a series of identity verification pages.

Their command of English punctuation is a bit off, but hey….

The linked page asks for your social security number and credit card information. And it looks an awful lot like PayPal, doesn’t it? Except for the domain name (or lack thereof). It’s an IP address that doesn’t point to PayPal, but instead to this address at King Mongkut’s University of Technology Thonburi in Thailand.

I’ve reported the attempted fraud to PayPal. Hopefully no-one will be sucked in by this scam.

  • http://www.disarranging.com/review/ Marie

    I’m always suspicious when I get e-mails from Paypal. That is scary. Good catch on your part.

  • http://bellowbelle.com Wendy

    I found this page just now via a Google search for ‘service@paypal.com.’ I’ve received two of these e-mails, as well as a different paypal scam. I figure I got pegged through e-bay activity. I reported them all to Paypal, but, this second one, I don’t think, has yet prompted a reply from them.

    What confuses me is that there IS something legitimate at Paypal, service@paypal.com. That e-mail is given as a contact within their website, I think.

    At this point, if I do happen to ignore a legitimate e-mail from them and then my account has problems, I think I’ll just close it!!

  • mag00

    [link to snopes]

    YUP! Anything like this should send up a red flag!

    PayPal scam looks like it is legit! That is called social
    engineering. The credit card info is sent to Russians
    who will find something to do with your data!!! ;-)
    LIKE SPEND YOUR MONEY !

  • http://www.interplaza.nl Olav

    I found this page just now via a Google search for ‘PayPal Account Security Measures ‘.
    I’ve received three of these e-mails and that got my attention.
    I never receive email from paypal on a different email address than the one that is connected to my account.

    (*I changed my email address and email server address below to prevent further attacks)

    ===========================
    Received: from pD953C53F.dip.t-dialin.net ([217.83.197.63]) by *********** with NetIQ MailMarshal (v5.5.3.16)
    id ; Wed, 17 Sep 2003 22:04:09 +0200
    Received: from os-s.com [50.97.87.27] by pD953C53F.dip.t-dialin.net (Postfix) with ESMTP id CBB074421A14 for ********; Thu, 18 Sep 2003 04:02:18 +0000

    ===========================

    I’ve reported the attempted fraud to PayPal too.

    Olav

  • Nir

    Got the same at Sept. 17
    Received: from compuserve.com ([147.175.49.97])

    Damn Frauds.
    lucky the redirect didn’t work. :) so I didn’t risk my details.
    better maybe for paypal to move to secured email (certified etc..) or post msgs in their system only.

    Nir.

  • Anonymous

    Found this page through the usual means. I didn’t note the message date, but I got the same spam in mid/late September.

  • Anonymous

    I received this one today, and was about to enter my data when I saw it wasn’t on a https site.

    The page looks authentic, it comes from service@paypal and has the working links to the end user agreement, does the “processing login” thingy and all the other stuff.

  • Swetal Patel

    dammit, i fell for it. I did it last night. What should I do now?

  • Not saying

    I fell for it! Thieves stole $1,600.00 in one day from my checking account.
    Now, I have to cancel all my credit cards, flag my credit report, etc……WHAT A NIGHTMARE!!!

  • Anonymous

    I just got that bogus request from service@paypal.com. It came in my bulk mail.

  • Jana

    I received two of these in the last week so they are still at it. The first one came addressed “Dear Paypal User” so I knew right away it was a scam. The second one came “Dear Janaorel@aol.com”. Again, I knew it was a scam and their note looked like crap with > all over it, but how much longer until they master it to the point where you can’t tell when you open it. If you never reply, are they sophisticated enough to get your information anyway?

  • al jordan

    I have received numerous e mails that I have made purchases and my credit card would be charged. I had never heard of PAY PAL. I have never and will never use PAY PAL. If any of these charges ever show up on my credit card I will notify my state’s ATTORNEY GENERAL !!!

  • http://www.riverpages.com/ george

    Found this page through the search engines. Just some tips here. (Note to site owner, my email given above is not valid to prevent harvesting and to prevent spam.)

    Yes, a lot of fraudulent email does “appear” to come from Paypal and usually the links within such email are phoney or located in some other country. Never, repeat never, click on any of those links, and if possible, never open any such emails. If you don’t use Paypal then do not open any email that shows the from as paypal.

    A few tips. (Instead of Outlook Express which I don’t even have installed on my computer, I use Pegasus Mail). I believe it can be done with Outlook too, read on.

    Pegasus allows me to see any incoming email within its list. For suspicious email I highlight (select) it, then I use the option to send to my (PC) desktop as a separate file. Then I can open it safely (without anything executing or confirming my email address) in Notepad. Open in Notepad I can then see all hidden code of the email, including links in the text and the “header” of the email.

    Through online lookup sources I can then look up the IP numbers in the header (first received line can not be forged and is the real source) and I can look up IP numbers or domain names given as the clickable links in the text portion. In most cases, most will be actually from Asia (China, TW, JP, etc) and same goes for the links. Once I view safely in Notepad the suspicious email and do the lookups, I then know for sure that it was spam or a fraudulent email.

    In most cases where the fraud email has its fake links that are really in Asia, reporting to Paypal is useless. China and other countries do nothing about it, thus Paypal or other “real” companies do nothing about those. The “true” originating IP (first received line in the header portion) might be a US site, and if you are in the US, then a report to the abuse site of that service might possibly take action (if they’re a good company, but if they promote or allow spammers then just forget about reporting to them). If you “do” report a spam to the true originating source, go to the hosting service site and use their abuse email.

    Never, repeat never, click on any “remove links” and never hit reply to any email that is spam or that may be fraudulent. To do so may just confirm your email, or your reply may go to an innocent person (from email addresses are often fake).

    If you don’t use Pegasus Mail, but you “do” use Outlook, I believe when it shows the list of incoming emails that you can right click upon a suspicious email and then select “header” or similar to see the header info showing where the email really came from. The header is normally not seen. Not sure if you can save to desktop an incoming email “without” first opening it, but maybe other Outlook users may know.

    If you use Yahoo or other browser email. (I do have also a yahoo email.) You cannot see the header information until AFTER having first opened an email. Yahoo should improve that so you could right click an item in the inbox list to view the header before opening the suspicious email.

    Other companies are abused like Paypal. Fraud emails simulate loan companies, Ebay, banks, and other businesses. If you don’t use Ebay (as an example) or have not applied for a loan, then simply delete any email that appears to be from one of those or related without even opening the email. Often spammers or those committing fraud send out to every email that exists, even to nonexisting emails.

    Now, an added item of my own related to the real Paypal and on the topic of spam, but first a little more info.

    One way of getting spam is to give your email to a company or site without first checking their privacy policy (they may share with partners or they may simply give their lists to just about anyone). Always check site policies before giving your email. If you can not find their policy then phone them first. If no luck or you don’t like their policies, then try another company. A lot has been written previously on that topic.

    The other way of getting spam is when people send out an email or forward one TO SEVERAL people on their list. Bad, bad, bad. If you send to Bob, Bill, Mary, Jane, and others in the TO portion, and they did the same, somewhere down the list it might get to someone who collects emails for spamming. Or, someone could get a virus on their computer and there is a complete list the virus could send out to. If sending an email to several or many people, PLEASE use a distribution list, or send the first TO only one person and put all the other people in the BCC (blind carbon copy) portion. Investigate your email program to learn how to do either of those ways.

    The other way of getting spam is to have a website and have your email posted on the site as a clickable link. The hidden code for such clickable email link contains the “mailto:” command and of course an email contains the @ sign. Spam “bots” are programs that search all sites looking for that hidden command or they look for the @ sign. When they find either they collect the email.

    Here is my complaint against Paypal. Ecommerce sites that use an “add to cart” button for Paypal are all affected. And, it is really the problem of Paypal, the way that they keep track of any online ecommerce site that uses paypal shopping cart. The Paypal code identifies sites by their email address. Not by the domain name and not by a paypal account number. Spam bots can harvest your email address. Simply, when viewing any web page that uses the “add to cart” button for Paypal, use the Internet Explorer “View Source” (at top of browser) to see the page code. You will find each and every item that has such “add to cart” button will contain code and the email address of the ecommerce site owner. That email can be harvested.

    I’ve written a page against Paypal on that topic. Go to http://www.riverpages.com/ and click on “If it doesn’t fit” button, then click on the “Paypal spam risk” button. It is the responsibility of Paypal (now Ebay) to change their way of identifying a site. Either domain name could be used or an account number. Email address should not have been used because it can be harvested by spam bots.

    If you have an ecommerce site that uses paypal, then check out my complaint, investigate your own pages (do the View Source with IE browser), then complain to Paypal and get them to fix that problem. They caused the problem out of sheer stupidity and negligence and poor planning and coding. The fix would be easy for them to implement. All accounts could automatically be assigned an account number and they could add some code to their routines, then it would be a simple matter for sites to change their email for the cart buttons to the account number. Alternatively they could allow just domain name (instead of the email) for unique sites or unique emails.

    Hope this has been helpful. I submitted this page without a valid email to prevent spam and I hope it will be posted here so that it may help others.

    Best regards to everyone.
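
The header check described in the comment above, applied to the Received lines quoted in the post, as an added example (not part of the original post or comments). Each server prepends its own Received line, so only lines written by servers you trust are reliable; the sketch walks down from the top and stops at the first line recorded by anyone else. The `TRUSTED` list and the function names are assumptions made for this illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Received/From lines from the message quoted in the post ([..] restored to <..>).
RAW = """\
Received: from [66.150.163.153] (HELO b1) by spamarrest.com (CommuniGate Pro SMTP 4.0.3) with ESMTP id 8635663 for jzader; Tue, 24 Jun 2003 13:38:20 -0700
Received: (qmail 8363 invoked from network); 24 Jun 2003 20:20:02 -0000
Received: from unknown (HELO ns1.networkshosting.com) (66.96.128.2) by www11.fatcow.com with SMTP; 24 Jun 2003 20:20:02 -0000
Received: (qmail 24804 invoked from network); 24 Jun 2003 20:21:39 -0000
Received: from unknown (HELO paypal.com) (202.103.246.237) by ns1.fatcow.com with SMTP; 24 Jun 2003 20:21:39 -0000
From: Service <service@paypal.com>

"""
TRUSTED = ("spamarrest.com", "fatcow.com")  # assumption: recipient's own providers
HOP = re.compile(r"from\s+(?P<name>\S+)\s+\(HELO\s+(?P<helo>[^)\s]+)\)"
                 r"(?:\s+\((?P<ip>[\d.]+)\))?\s+by\s+(?P<by>\S+)")
IP_LITERAL = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]$")

def relay_hops(raw):
    """Parse Received lines in header order (newest first)."""
    hops = []
    for line in message_from_string(raw).get_all("Received", []):
        m = HOP.search(line)
        if not m:                 # qmail's local "(qmail N invoked ...)" stamp
            continue
        name, ip = m["name"], m["ip"]
        lit = IP_LITERAL.match(name)
        if lit:                   # CommuniGate style: from [ip] (HELO name)
            name, ip = None, lit.group(1)
        elif name == "unknown":   # qmail found no reverse-DNS name for the IP
            name = None
        hops.append({"ip": ip, "rdns": name, "helo": m["helo"], "by": m["by"]})
    return hops

def entry_hop(raw, trusted=TRUSTED):
    """Last hop, walking down from the top, recorded by one of our servers."""
    entry = None
    for hop in relay_hops(raw):
        host = hop["by"].lower()
        if not any(host == t or host.endswith("." + t) for t in trusted):
            break                 # lines below this point are unverifiable
        entry = hop
    return entry

def helo_claims_sender_domain(raw, hop):
    """True when HELO names the From domain but the IP had no rDNS name."""
    domain = parseaddr(message_from_string(raw)["From"])[1].rpartition("@")[2]
    return hop["helo"].lower() == domain.lower() and hop["rdns"] is None
```

The IP in the hop returned by `entry_hop` is the one worth looking up and reporting; the HELO name beside it is whatever the connecting machine chose to say.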

  • Ash1Ash1

    Please remember that these emails are “spoofs” – “Phishing.” You will never get an email from your
    secure account asking you for information that they should have. You should question such a request.
    Go to the legitimate website of an account in question and look for a legitimate reporting email address.
    In the case of PayPal write to
    and they will reply. The other thing is, they [the culprits] know nothing about you – they are “Fishing” – they get their email addresses from computer generated software programs. DO REPORT THEM – TO pAYpAL IN THIS CASE. Pay Pal will investigate. BUT DON’T be foolish and give anyone any information because of an email. If you do, KNOCK KNOCK, there is nobody home upstairs. Use your good judgement. You can always Google / or Yahoo your question and look it up. Best of luck.

  • Jen

    I’m receiving numerous copies of this spam. I haven’t fallen for it but I’m wondering if it’s OK to block all messages from “service@paypal.com” or is this an actual address that PayPal might use to send an authentic email to me?

    Thanks,

    Jen

  • http://yahoo.com sandy

    I just received an e-mail from Pay Pal Shopping Cart Contents saying a purchase was charged to my account using PayPal for $249. I don’t have a PayPal account, so is this for real?

  • John

    Yeah, I had two of those e-mails today, I had been charged $249 for some phone, I don’t have any Paypal account and the email address was “service@paypal.com”. God I hate this sh*t
