Good grief....paypal spoofs

well i had avoided them till today i got an official message that looked like this…
From: PayPal Billing <billing.sec@paypal.corn>

Reply-To: billing.sec@paypal.com
To: myemail deleted :wink:
Date: Sep 7, 2006 2:59 PM
Subject: Please Note
Dear valued PayPal® member:

Due to concerns, for the safety and integrity of the paypal
account we have issued this warning message.

It has come to our attention that your PayPal® account information needs to be
updated as part of our continuing commitment to protect your account and to
reduce the instance of fraud on our website. If you could please take 5-10 minutes
out of your online experience and update your personal records you will not run into
any future problems with the online service.

However, failure to update your records will result in account suspension.
Please update your records on or before September 15, 2006.

http://www.paypal.com/cgi-bin/webscr?cmd=login_run

Thank You.

and i sent it to spoof @paypal

and they sent me one back saying

Thank you for contacting PayPal about a fraudulent (spoof) email or Web
site. We appreciate you bringing this suspicious email to our attention.

We can confirm that the email you received was not sent by PayPal. Any
website which may be linked to this email is not authorized or used by
PayPal.

Our fraud prevention team is working to disable any website linked to
this email. In the meantime, please do not enter any information into
this website. If you have already done so, you should immediately log
into your PayPal account and change your password, as well as your
security questions and answers. We also recommend that you contact your
bank and credit card company immediately.

Please follow the instructions below to report an unauthorized
transaction associated with your PayPal account:

If you are able to log into your PayPal account:

  1. Log in to your account at https://www.paypal.com
  2. Select the “Resolution Center” subtab.
  3. Click “Open a dispute.”
  4. Select “Unauthorized transaction,” then click “Continue.”
  5. Enter or select the transaction ID for the transaction you would like
    to dispute, then click “Continue.”
  6. Complete the report for Unauthorized Use on a PayPal Account, then
    click “Continue.”
  7. Confirm that the claim is correct, then click “Submit.”

If you cannot log in to your account, follow the instructions below to
report an unauthorized transaction associated with your PayPal account:

  1. Go to https://www.paypal.com/
  2. Click on the “Security Center” link located at the bottom of any
    page.
  3. Under the “Report a Problem” column, click on “Unauthorized
    Transaction.”
  4. Click “Continue” under “Unable to log in?”
  5. Confirm that the transaction in question is unauthorized then click
    “Continue.”
  6. Complete the report for Unauthorized Use on a PayPal Account, then
    click “Preview.”
  7. Confirm that the claim is correct, then click “Submit.”
  8. Confirm your account ownership by entering the financial information
    requested, then click “Continue.”

Lastly, we recommend taking a few steps to protect yourself from
identity theft:

  1. Download the SafetyBar, a toolbar for Outlook and Outlook Express,
    which identifies known spoof emails.
  2. Get eBay Toolbar with Account Guard which warns you when you’re on a
    potentially fraudulent (spoof) Web site.
  3. Sign up for Equifax Credit Alerts for PayPal Users, a program that
    provides an early warning detection system in the event of identity
    theft. Find out more by visiting the PayPal Identity Protection Center
    at www.paypal.com/idprotection.
  4. Frequently monitor your PayPal account for suspicious activity.

For additional tips please visit the PayPal Security Center at
https://www.paypal.com/security.

Thank you again for sending us your report. We appreciate your efforts
to keep PayPal safe.

Sincerely,

PayPal
PayPal Account Review Department

Hi S_S,

I have received quite a few of those emails from PP & ebay as well.

Dear valued PayPal® member:

They always tell me that if it is a genuine email from them, they will address you by name.

Regardless, I never respond to any of those, & I have never had probs. w/ my accounts. What I do is forward the email to pp/ebay, or more accurately;

"spoof@paypal.com"/ "spoof@ebay.com"

Just another phishing scheme…
Be careful out there…

regards, katzz :slight_smile:

Last week, I got 4 paypal (fakes) in one day! You would think that paypal and ebay would go after these butt heads…

They do.

But, the buttheads just use an IP, not a domain name.
They redirect access to ebay/paypal/etc through their own server & catch all the usernames/passwords and they are passed on to the real servers so it looks like a normal logon.