Scam Web Sites
Patricio Elicer
10th August 2005, 12:31 AM
I've been using Paypal since 2002 for fund transfer. I recently purchased some small items at ebay, and payment through Paypal worked perfectly.
Just a few minutes ago I got a "suspicious" email, supposedly from Paypal, with an "Account Suspended" on the subject line.
Part of the body of the message reads: "We require you to complete an account verification procedure as part of our security measure. You must click the link below to complete the process."
The link prompts me to enter my username and my password to start the process. At this point I got suspicious of the email, for 2 main reasons: 1) I went to Paypal's official page and there's no sign that my account had been suspended; 2) the link I was asked to click doesn't have the word "paypal" in the URL.
I understand that it is technically possible to "clone" the webpage of a financial company with the malicious intent of "harvesting" usernames and passwords. Am I right? Does anyone know if this has happened before? Should I trust that email?
Darat
10th August 2005, 01:10 AM
Don't trust it - I had a similar one purporting to be from PayPal about a year ago. It will be a "phishing email".
See: http://www.antiphishing.org/ and http://en.wikipedia.org/wiki/Phishing for more details.
Kiless
10th August 2005, 01:21 AM
Happens to me all the time - usually from 'banks' that are requesting my info.
When I first got them, I used to enter in fictitious numbers and offensive words and jokes in the spaces they requested. :D
Now I just filter them away as spam and pay them no mind. If the bank has a problem, they'll call me or send a letter.
Patricio Elicer
10th August 2005, 01:27 AM
Originally posted by Darat
Don't trust it - I had a similar one purporting to be from PayPal about a year ago. It will be a "phishing email".
See: http://www.antiphishing.org/ and http://en.wikipedia.org/wiki/Phishing for more details.
Wow!, thanks. The second link provides an example, not sure if real or fictitious, of a phishing email ....... precisely from PayPal!
Thomas
10th August 2005, 01:33 AM
Oh, I'm soooo much more lucky than you guys. I never get hoax mail at all. On the contrary, I often receive email from Nigerian Kings and Presidents who want to give me half their kingdom or all their money for $10. How's that for luck, eeeeih? :D
Yelper
10th August 2005, 03:36 AM
Originally posted by Thomas
Oh, I'm soooo much more lucky than you guys. I never get hoax mail at all. On the contrary, I often receive email from Nigerian Kings and Presidents who want to give me half their kingdom or all their money for $10. How's that for luck, eeeeih? :D
You too huh? And I thought I was the only one :o Ah well, I suppose I could share. Just leave me enough to buy all those pharmaceuticals, stock tips and software they keep offering me as well. Apparently, I could save over 80% on them!!! :D
Ian Osborne
10th August 2005, 03:40 AM
Originally posted by Kiless
If the bank has a problem, they'll call me or send a letter.
Eeeeexactly! Banks and other financial institutions never ask for account details by email - ever.
Darat
10th August 2005, 04:48 AM
Originally posted by Ian Osborne
Eeeeexactly! Banks and other financial institutions never ask for account details by email - ever.
No but they do now have the habit of phoning you and saying "This is such and such a bank...." then before they will speak to you want you to answer some security questions, to which I always reply "How do I know you are calling from such and such a bank, what about if I ask you some security questions?"
Apparently it doesn’t work that way - quite often I'm told the Data Protection act prevents them or some such nonsense to which I just tell them "that’s your problem - goodbye".
I hate banks, credit card companies and anyone who tries to tell me a call centre has been set up for MY benefit!
Diamond
10th August 2005, 05:35 AM
Recently the scammers have been sending genuine Paypal messages, in the hope that spam filters will mark them as spam as well.
alfaniner
10th August 2005, 06:58 AM
Check the Paypal or eBay security page. Sometimes you can forward the email to spoof@paypal.com.
I got suspicious because I got the email at an account I don't use for online transactions. Which is probably why I have about five email accounts
One for work
One for family/friends
The generic one the ISP gave me, which I can't change the name of (first initial, last name @ that account)
A hotmail account for online transactions
A hotmail account for one-time registrations if I need to see a web-page or something.
I've managed to avoid most spam on the hotmail accounts by choosing a made-up word, and NEVER posting it on any web page. Most spam goes to the generic account or the one-time one.
I get ticked if someone on the family/friends list sends a blanket or chain email to everyone on their account, when I see a lot of names I don't know. I usually ask them to blind cc everyone if they insist on doing that. Once an email is compromised it's almost impossible to clear.
Patricio Elicer
10th August 2005, 07:43 PM
Originally posted by Diamond
Recently the scammers have been sending genuine Paypal messages, in the hope that spam filters will mark them as spam as well.
I forgot to mention that by clicking on the link I was redirected to a seemingly official PayPal page, same logo, same pictures, same colors, same fonts, same layout in general.
It's easy to fall in the trap for those who don't know better about internet scams. I backed off at the very last second.
Patricio Elicer
10th August 2005, 08:04 PM
Originally posted by alfaniner
Check the Paypal or eBay security page. Sometimes you can forward the email to spoof@paypal.com.
Thanks! I checked at PayPal website and found out some interesting tips. Their emails always include a personalized salutation, they address users by their name. In this case it was a "Dear PayPal User" salutation. That's enough to conclude that the email was indeed a fake. And yes, they provide that email address to report suspicious emails. I will do it in a minute.
Originally posted by alfaniner
I got suspicious because I got the email at an account I don't use for online transactions. Which is probably why I have about five email accounts
One for work
One for family/friends
The generic one the ISP gave me, which I can't change the name of (first initial, last name @ that account)
A hotmail account for online transactions
A hotmail account for one-time registrations if I need to see a web-page or something.
That's a good idea I will surely implement from now on. I have used only my ISP email for years, and it has circulated on chain mails many times.
Mongrel
12th August 2005, 08:43 AM
Originally posted by Patricio Elicer
I forgot to mention that by clicking on the link I was redirected to a seemingly official PayPal page, same logo, same pictures, same colors, same fonts, same layout in general.
It's easy to fall in the trap for those who don't know better about internet scams. I backed off at the very last second.
Even clicking on the link can be a bad thing, often it'll lead to a site that's more than happy to fill your PC with as many Trojans, keyloggers and general Malware as it's got. Trying not to be an alarmist but a quick Adaware (http://www.lavasoftusa.com/) and HijackThis (http://www.spywareinfo.com/downloads.php?cat=sp#s-p) scan will only take 5 minutes and in these sort of situations it's always 'better safe than sorry' (Go here (http://www.hijackthis.de/en) for an online HijackThis log analysis)
I get 3-5 of these sort of things a week, partially from buying stuff online and getting my address sold from less scrupulous sites partially due to my main e-mail address being my.name@myisp.net and 11 years old. One thing that has helped me greatly the past couple of years is a program called Mailwasher (was free, now costs :() which has quite a few useful features.
1) Integrates with Spamcop for common bad addresses
2) Ability to easily see the actual URL, not just the disguised "www.paypal.com"
3) You can read an e-mail and bounce it, thus the phishers will get an "Unknown address" message, hopefully pulling your name off the lists in the future
(BTW - the other thing that's helped me spot these frauds in the past is they always seem to be from banks that I'm not a member of and no I don't have a Paypal account either ;))
Finally I'd always suggest you check the bank's actual website and do a search for 'Phishing', often there's an e-mail address you can forward the fake e-mail to so that they're able to put a stop to it as quickly as possible.
EDIT: Quick check has revealed that a handy website called "Last Freeware Version" has a copy of Mailwasher (http://www.321download.com/LastFreeware/page2.html)
Patricio Elicer
12th August 2005, 12:38 PM
Originally posted by Mongrel
Even clicking on the link can be a bad thing, often it'll lead to a site that's more than happy to fill your PC with as many Trojans, keyloggers and general Malware as it's got. Trying not to be an alarmist but a quick Adaware (http://www.lavasoftusa.com/) and HijackThis (http://www.spywareinfo.com/downloads.php?cat=sp#s-p) scan will only take 5 minutes and in these sort of situations it's always 'better safe than sorry' (Go here (http://www.hijackthis.de/en) for an online HijackThis log analysis)
I get 3-5 of these sort of things a week, partially from buying stuff online and getting my address sold from less scrupulous sites partially due to my main e-mail address being my.name@myisp.net and 11 years old. One thing that has helped me greatly the past couple of years is a program called Mailwasher (was free, now costs :() which has quite a few useful features.
1) Integrates with Spamcop for common bad addresses
2) Ability to easily see the actual URL, not just the disguised "www.paypal.com"
3) You can read an e-mail and bounce it, thus the phishers will get an "Unknown address" message, hopefully pulling your name off the lists in the future
(BTW - the other thing that's helped me spot these frauds in the past is they always seem to be from banks that I'm not a member of and no I don't have a Paypal account either ;))
Finally I'd always suggest you check the bank's actual website and do a search for 'Phishing', often there's an e-mail address you can forward the fake e-mail to so that they're able to put a stop to it as quickly as possible.
EDIT: Quick check has revealed that a handy website called "Last Freeware Version" has a copy of Mailwasher (http://www.321download.com/LastFreeware/page2.html)
Thanks for the tips, it's certainly helpful to have it all in mind.
What really saved me from falling for the fraud was a newspaper article I saw a long time ago, to which I paid very little attention but anyway there was a bit of a recollection left in my brain.
NickW
12th August 2005, 06:37 PM
Originally posted by Patricio Elicer
I've been using Paypal since 2002 for fund transfer. I recently purchased some small items at ebay, and payment through Paypal worked perfectly.
Just a few minutes ago I got a "suspicious" email, supposedly from Paypal, with an "Account Suspended" on the subject line.
Part of the body of the message reads: "We require you to complete an account verification procedure as part of our security measure. You must click the link below to complete the process."
The link prompts me to enter my username and my password to start the process. At this point I got suspicious of the email, for 2 main reasons: 1) I went to Paypal's official page and there's no sign that my account had been suspended; 2) the link I was asked to click doesn't have the word "paypal" in the URL.
I understand that it is technically possible to "clone" the webpage of a financial company with the malicious intent of "harvesting" usernames and passwords. Am I right? Does anyone know if this has happened before? Should I trust that email?
What e-mail service do you use? I know some (G-mail for one) have a "report phishing" link in the e-mail viewing area to help them block future phishing scams from those people.
Patricio Elicer
12th August 2005, 07:54 PM
Originally posted by NickW
What e-mail service do you use? I know some (G-mail for one) have a "report phishing" link in the e-mail viewing area to help them block future phishing scams from those people.
I've been using the email account provided by my ISP for years, maybe it has that feature as well. I'll check it out.
Anyway, it's not that serious now that I'm aware of this "phishing" thing.
BTW, just a moment ago I got a second fake email saying that for "security reasons" PayPal will ask me for my credit card and bank account information monthly, LOL!! :D:D
I reported both emails to PayPal and they confirmed they are fakes.
teddygrahams
13th August 2005, 10:27 AM
I've been getting ones to re-confirm my Ebay account details from an email address that I don't use on Ebay.
They even attempt to hide the fake URL by drawing the real URL text on the screen where they think the address bar should be. My screen resolution is so high that they draw it floating half way between the address and the main window.
rjh01
17th August 2005, 11:08 PM
I am feeling lonely (not loony). I do not get my quota of such e-mails. What am I doing wrong?
Mongrel
19th August 2005, 04:21 AM
Originally posted by rjh01
I am feeling lonely (not loony). I do not get my quota of such e-mails. What am I doing wrong?
Not enough Pr0n :p
Whyatica
19th August 2005, 09:17 AM
I just got three PayPal emails, and 1 CitiBank email. Anyone want them? :p
rjh01
19th August 2005, 08:01 PM
Originally posted by Whyatica
I just got three PayPal emails, and 1 CitiBank email. Anyone want them? :p
How did the people who sent you these e-mails get your address and not mine? Is it the fact that you live in USA and I do not or is there something else? Have you visited any porn sites or something similar? I did once and started getting spam.
jones172
20th August 2005, 12:08 AM
I always report these scams to PayPal, the bank, etc., or try to. I have it down to a science. Under Outlook Express, I have adopted the convention that "*** spoof" (without the quotes) gives the forwarding address for that bank, etc. Thus my address book has an entry for "PayPal spoof" (without the quotes), "Citibank spoof" (without the quotes), etc. Sometimes the reply will be that it is an authentic e-mail, probably captured and forwarded by scammers to cause confusion.
Tom Jones
Questioninggeller
20th August 2005, 12:13 AM
Originally posted by Patricio Elicer
I understand that it is technically possible to "clone" the webpage of a financial company with the malicious intent of "harvesting" usernames and passwords. Am I right? Does anyone know if this has happened before? Should I trust that email?
I get numerous along those lines. Because PAYPAL is a common tool used on the internet spammers can send out thousands to active emails. If you notice they don't even put your name in the email. Just move your mouse over the link and it pops up with the real address it'll take you to, which are not on the PAYPAL.com server.
When in doubt though never click on the link. Go to PAYPAL.com (or any site) and log in the usual way. There will be a note on your account if there is a problem.
CFLarsen
20th August 2005, 12:45 AM
Has anyone gotten such an email from "Paypal" without having a Paypal account?
Shadowhawk
20th August 2005, 01:43 AM
I get stuff like this occasionally. Since I have Paypal and eBay accounts, I always look at them. I even got one 'from' the bank I have an account with.
When I see these, I always bring up the page in the e-mail (I'm quite safe in Opera), and I try to strip out any codes the URL might be using to identify the e-mail address it was sent to. I'll look at the page's source, and try to determine where the form is sending the data, then navigate there manually. If the page is active (half the time, the site is already down), I'll fill in the phisher's forms with insults and fake info, then forward the phishing e-mails to the company they're masquerading as and any webhosts involved to tell them they're hosting a phishing site. It's usually gone by the next day.
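Added example, not part of any post in this thread: the checks described above by Mongrel and Questioninggeller (seeing the actual URL behind a disguised "www.paypal.com" link) and by Shadowhawk (finding where the form sends its data), done offline on the message source in Python so nothing is clicked or fetched. The names `LinkCollector` and `audit` and the sample message with its addresses are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# A host name appearing in visible link text, with or without a scheme.
HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) per <a> and the action URL of each <form>."""
    def __init__(self):
        super().__init__()
        self.links, self.form_actions = [], []
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._href, self._text = attrs["href"], []
        elif tag == "form" and attrs.get("action"):
            self.form_actions.append(attrs["action"])

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    return (urlsplit(url).hostname or "").lower()

def same_site(host, domain):
    # Match on a label boundary: a host that merely contains the name fails.
    return host == domain or host.endswith("." + domain)

def audit(html, expected_domain):
    """Return (kind, host shown to the reader, host actually contacted)."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = host_of(href)
        if not host or same_site(host, expected_domain):
            continue
        shown = HOST_RE.search(text)
        shown = shown.group(1).lower() if shown else ""
        kind = "disguised-link" if same_site(shown, expected_domain) else "off-domain-link"
        findings.append((kind, shown, host))
    for action in parser.form_actions:
        host = host_of(action)
        if host and not same_site(host, expected_domain):
            findings.append(("off-domain-form", "", host))
    return findings

# Constructed sample body; the addresses are documentation/test values.
SAMPLE = """<p>Dear PayPal User, your account has been suspended.</p>
<a href="http://192.0.2.44/verify/login.html">https://www.paypal.com/cgi-bin/webscr</a>
<a href="https://www.paypal.com/help">Help</a>
<form action="http://collector.example.net/post.php" method="post">
<input name="user"><input name="pass" type="password"></form>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE, "paypal.com"):
        print(finding)
```

A "disguised-link" finding means the text on screen names the expected site while the link goes elsewhere; the genuine help link in the sample produces no finding.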
Mr. Skinny
20th August 2005, 07:03 AM
Originally posted by CFLarsen
Has anyone gotten such an email from "Paypal" without having a Paypal account?
I have, Claus. Never had a Paypal account, but I've gotten several messages saying my account was about to be suspended.
Same thing with Ebay. I don't have an account there either.
CFLarsen
20th August 2005, 07:20 AM
There goeth the theory....
Whyatica
20th August 2005, 08:49 AM
Originally posted by rjh01
How did the people who sent you these e-mails get your address and not mine? Is it the fact that you live in USA and I do not or is there something else? Have you visited any porn sites or something similar? I did once and started getting spam.
My email address isn't particularly creative, it's my first two initials and last name. Spammers like having programs try lots of combinations of initials and last names, and when they find one that doesn't bounce the email, keep spamming it. Plus my email has been posted on a few public boards. I use my Gmail account as a trash bin for the most part.
Diamond
20th August 2005, 10:27 AM
I had a couple of e-mail addresses on myrealbox.com. All was going swimmingly until one of the administrators replied to a spammer and cc'd all the accounts in myrealbox :rolleyes:
Patricio Elicer
20th August 2005, 10:54 AM
Originally posted by rjh01
How did the people who sent you these e-mails get your address and not mine? Is it the fact that you live in USA and I do not or is there something else? Have you visited any porn sites or something similar? I did once and started getting spam.
I certainly don't live in the US, and don't visit porn sites (well, haven't done so in a veeeery long time ;)).
I've used PayPal twice so far. The first time was in 2002 to send money to the JREF. Then my account went dormant for 3 years, till last July when I used it to buy stuff at ebay. Shortly after that, I got two fake emails.
I don't want to fall for a "Post-hoc" fallacy and blame ebay, but I can't help but think of a possible connection.
Beady
20th August 2005, 11:25 AM
Originally posted by Mr. Skinny
I have, Claus. Never had a Paypal account, but I've gotten several messages saying my account was about to be suspended.
Same thing with Ebay. I don't have an account there either.
Guys, you're ignoring how spamming works. If one out of 100,000 spams results in a hit, the spammer makes a profit. Therefore, it doesn't matter how ill-targeted the spam is, it will be appropriate to *someone* who receives it, almost certainly many someones. Something like Paypal and Ebay, a distribution list of 100,000 names is going to reach more members than not. So what, if 25,000 people on that list don't have accounts? 75,000 do, and the chance of getting a response from that size sample is pretty good.
2001-2009, James Randi Educational Foundation. All Rights Reserved.