PayPal account security measures phishing scam alert

Posted on May 14, 2007
Filed Under Paid Blogging |



PayPal users will most likely have received an email apparently from abuse with the subject PayPal account security measures. It is not from PayPal but a phishing scam from Beijing, China - the email IP origin.

What is phishing?
From PayPal’s security centre, “Phishing is a form of fraud designed to steal your identity. It works by using false pretenses to get you to disclose sensitive personal information, such as credit and debit card numbers, account passwords, or Social Security numbers.

One of the most common phishing scams involves sending a fraudulent email that claims to be from a well-known company. Phishing can also be carried out in person, over the phone, through fraudulent pop-up windows, and websites.”

Free Image Hosting at allyoucanupload.com

The fraud email claims that there have been repeated unauthorised attempts at logging in to your PayPal account and therefore you need to go to a certain website to secure your account. Here’s the phishing email:

Military Grade Encryption is Only the Start

At PayPal, we want to increase your security and comfort level with every transaction. From our Buyer and Seller Protection Policies to our Verification and Reputation systems, we’ll help to keep you safe.

We have recently noticed one or more attempts to log into your PayPal account from a foreign IP address and we have reasons to believe that your account may have been hijacked by a third party without your authorization.

If you recently accessed your account while traveling, the unusual login in attempts may have been initiated by you. However, if you are the rightful holder of the account, click on the link below to log into your account within the above-mentioned period.

Click here to Secure your account

http://dezandgravertjes.nl/www.paypal.com/secure-login/

If you choose to ignore our request, you leave us no choice but to temporaly suspend your account.

We ask that you allow at least 72 hours for the case to be investigated and we strongly recommend to verify your account in that time.

If you received this notice and you are not the authorized account holder, please be aware that it is in violation of PayPal policy to represent oneself as another PayPal user. Such action may also be in violation of local, national, and/or international law. PayPal is committed to assist law enforcement with any inquires related to attempts to misappropriate personal information with the intent to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that perpetrators are prosecuted to the fullest extent of the law.

Thanks for your patience and understanding as we work together to protect your account.

Sincerely,
PayPal Account Review Department
PayPal, an eBay Company

As with fake DVDs, there are spelling errors in the phishing email. The scary thing is, the link provided is a redirection to what looks like the actual PayPal site. If you try entering some fake email and password such as “dieyoubloody”, like I did, you will still be taken to the page to enter your credit card details.

So be warned and keep yourself informed of online scams.

Related Posts

  • Sponsored Post - Using credit cards
  • With credit card fraud becoming more common on the internet, many people are hesitant about using credit cards even with

  • SecureZIP - The next generation of ZIP free download
  • You can never be too paranoid about keeping your data safe and secure these days with the proliferation of intrusions

  • Withdrawing PayPal funds into Singapore bank accounts
  • PayPal users who are withdrawing money from their PayPal account into Singapore bank accounts must take note of several important

    Tags: , ,




    Comments

    4 Responses to “PayPal account security measures phishing scam alert”

    1. Michael Durnack on May 14th, 2007 12:52 pm

      Incredibly phishing is still on the rise, even as more and more people hear about it. Phising sites (the actual site you end up at if you unwittingly click on the link in the email) are increasing up 900% from a year ago. It is still one of the best plays in town.

      Paypal cannot get their hands around it because if people continue to hand out the account information, they are all but helpless in stopping them.

      While banks also make a good phishing target, Paypal is the grandady because of the shear volume of accounts. Odds are a lot better that a Paypal email will hit the mark vs. a national or regional bank matching a person who has an account.

      People need to stop reacting to emails emotionally. People react to phishing emails, because the thought of being inconvenienced obviously takes precedence over logic and plain common sense.

      There is also spear phishing:
      A highly targeted phishing attack. Spear phishers send email to all the employees or members within a certain company, government agency, or organization.

      The message might look like it comes from your employer, or from a colleague who might send a message to everyone in the organization, such as the head of HR or the person who manages the computer systems, and could include requests for user names or passwords.

      While traditional phishing scams are designed to steal information from individuals, spear phishing scams can possibly work to gain access to a company’s entire computer system.

      If you respond with a user name or password, or if you click links or open attachments in a spear phishing email, pop-up window, or Web site, you might become a victim of identity theft and you might put your employer at risk.

      Spear phishing also targets people who use a specific web site. Identity thieves will use any information they can to personalize a phishing scam to as specific a group as possible.

      It is up to the individual to defend themselves.

    2. Ernest Chee on May 14th, 2007 1:01 pm

      I got exactly the same email and the site they asked me to log in was just http://www.paypal.com/secure-login/ . I almost finish keying the password than I felt uneasy, so I manually typed in www.paypal.com and looked for any news about this. Thank god I didn’t.

      Yes yes, the phishing website looks exactly the same, because I compared the 2 website together and phew….It’s really the same. I don’t understand why China and Nigeria has so such intelligent idiots around. I wonder how much money have they conned so far.

      Anyway, good thing you alerted the readers about this, otherwise the consequences might be disastrous.

    3. emigre on May 14th, 2007 1:55 pm

      With over 100 million PayPal users, they just need a small percentage of careless users to key in their credit card numbers and it’ll still be worth it. Let’s say out of 100 million, only 0.5 percent fell for this scam. That’s 500 000 credit card numbers.

    4. emigre on May 14th, 2007 1:57 pm

      Thanks for the information Michael. Some phishing aspects I didn’t know till now.

    Leave a Reply




     Subscribe Full RSS Blog Feed

    Enter your email address:

    Delivered by FeedBurner

    Page copy protected against web site content infringement by Copyscape

    Comments

    Most Popular

    Recently Written

    Sitemap