Gladiator Security Forum > Fake PayPal letter.

Gladiator Security Forum > General Security > Security for beginners

odidio

Apr 22 2007, 11:00 PM

Recently I received two letters that looked like what had very legit PayPal logos and even a copyright notice at the bottom.

This is obviously a fake.

Here is a copy of the letter, (link removed).

QUOTE

Dear PayPal Member

We are currently performing regular maintenance of our security measures. Your account has been selected to be verified and you will now have to be taken to a series of verification process to validate your identity, if you want to continue to use your account normally. If we don't receive any response from you we are allowed to suspend your account. A verification page will appear after you Log In into your account.

Protecting the security of your account is our primary concern, and we apologize for any inconvenience this may cause

Please Click Here and Log In

Copyright © 1999-2007 PayPal. All rights reserved.

I copy pasted the link and you get to a very real looking PayPal page...but...

Nebon

Apr 23 2007, 06:50 AM

Here are some fraud prevention tips from Paypal:
http://www.paypal.com/cgi-bin/webscr?cmd=p...vention-outside

Nebon

Apr 23 2007, 06:04 PM

One tip that applies to this letter in pirticular is:

QUOTE

Look for a PayPal Greeting: PayPal will never send an email with the greeting "Dear PayPal User" or "Dear PayPal Member." Real PayPal emails will address you by your first and last name or the business name associated with your PayPal account. If you believe you have received a fraudulent email, please forward the entire email—including the header information—to spoof@paypal.com. We investigate every spoof reported. Please note that the automatic response you get from us may not address you by name.

Here it is from your letter:

QUOTE

Dear PayPal Member

odidio

May 6 2007, 03:54 PM

Thanks Nebon, those are good things to read and remember.

Here is another example of what I get.

If you receive an email like this, do NOT respond, it is fraudulent.

Dear PayPal Member,

This email confirms that you have sent an eBay payment of $47.85 USD to
harris2727@aol.com for an eBay item.

-----------------------------------
Payment Details
-----------------------------------

Amount: $47.85 USD

Transaction ID: 2LC956793J776333Y

Subject: Digimax 130

Note:
If you haven't authorized this charge ,click the link below to dispute transaction
and get full refund

Dispute transaction (Encrypted Link )

*SSL connection:
PayPal automatically encrypts your confidential information
in transit from your computer to ours using the Secure
Sockets Layer protocol (SSL) with an encryption key length
of 128-bits (the highest level commercially available)

-----------------------------------
Item Information
-----------------------------------

eBay User ID: scratchandgnaw2

----------------------------------------------------------------
Edward Harrell's UNCONFIRMED Address
----------------------------------------------------------------

Edward Harrell
211 David St.
Springtown, TX 76082
United States

Important Note: Edward Harrell has provided an Unconfirmed Address. If
you are planning on shipping items to Edward Harrell, please check the
Transaction Details page of this payment to find out whether you will
be covered by the PayPal Seller Protection Policy.

----------------------------------------------------------------
This payment was sent using your bank account.

By using your bank account to send money, you just:

- Paid easily and securely

- Sent money faster than writing and mailing paper checks
- Paid instantly -- your purchase won't show up on bills at the end of
the month.

Thanks for using your bank account!

----------------------------------------------------------------

Thank you for using PayPal!
The PayPal Team
PayPal Email ID PP118

:furious:

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.