Is there any money left?

The internet, and my part in its downfall

Is there any money left? |  Resources  |  Subscribe: RSS Feed RSS icon   
Beach Web Design Home
« Email spoofing - Spammers are pretending to be me
Avalanche of Spam »

Fake PayPal phishing scam

It’s been that kind of week.

Following hot on the heels of the email spoofing incident, I received this fake email pretending to be from PayPal, with the subject line ‘Account Authentication Required’:

[PayPal logo was copied here]

Dear PayPal Customer,

Due to recent fraudulent activities on some of PayPal online
accounts we are launching a new security system to make
PayPal online accounts more secure and safe. Before we can
activate it we will be checking all PayPal online accounts to confirm
the authenticity of the holder.

We will require a confirmation that your account has not been
stolen or hacked. Your account has not been suspended or frozen.

To confirm your account status please Login

-complete the required information to authenticate and reset your account

-make sure your account balance has not been changed

-make sure your details have not been changed

-review recent transactions in your account history for any unauthorized
transfer

If you find any type of suspicious activities please contact us immediately.
Please include in your message your account number, your account name
and the unauthorized transfer date & time.

Please do not reply to this message. For any inquiries, contact Customer Service.

PayPal Copyright © 2007

Although the ‘reply-to’ field says PayPal, the email address given is ‘account2 @payprocorp.com’ (though as I’ve learned, reply-to addresses can be faked to look like anyone). Links in emails such as this (see the ‘Login’ link) will often lead to a fake website designed to trick you into entering your account details. PayPal, like online banks and eBay, advise against ever trying to log into your account from an emailed link. Instead, they recommend always going directly to the website. Pay Pal themselves say:

Many phishing emails have links that look valid, but send you to fraudulent sites instead. Here’s what you should do: Open a new browser window, type https://www.paypal.com and log in to your PayPal account directly.

Try out PayPal’s ‘Can you spot Phishing?’ Challenge.


PayPal’s web page on security and protecting against identity theft, fraud and phishing is here.

EBay also provide a very clear and helpful tutorial on recognising spoof emails and fake websites.

Slashdot: New Targeted E-mail Attack Hits Business Execs

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

This entry was posted on Saturday, June 16th, 2007 at 4:57 pm and is filed under Electronic Payment, Scams, Security, Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Similar posts to 'Fake PayPal phishing scam'

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word