possible paypal scam

[the loon]

service@paypal.com

This address is sending out emails asking for paypal log in confirmation etc

use the link on the mail and takes you to
<link removed.... just in case it is nasty ;-)>
Yeah like thats a paypal address

will these people never learn?

 :roll:  ](*,)  :roll:

[gecko]

there is one from ebay that is the same i have to emails one for this and friends and one for ebay and so on well the one for here has emails from paypal and ebay and ive never yesed that email address on there coners i think

[the loon]

reported to paypal and they sent box standard reply but as we thought its not one of theres

[MattW]

Many are more clever than this - never follow links from emails and if you do always look at the address of the website it takes you to. If it is legit it will be on a https:// address instead of http://. https:// is a secure server address.

The clever one I had recently took me to paypal like site but the address was  " paypal-login.secure.net " the sneaky "little people". Obviously it should be www.paypal.com

I've now had about 30 fraud emails from people claiming to be banks, Ebay, Paypal or NOChex - how do they know which banks I use?

Matt

[muddyweb]

They don't know which banks you use... it's the 'shotgun' aproach to emailing...

We get (literally) thousands of these a day through our mail servers...   they just pick all the banks and all the cards and send them to all the people....  law of averages says that at least some of the people they hit will bank with hsbc, or use a citicard....   thankfully most of them get blocked and dumped :-)

We also have a fine collection of eBay, Paypal and Amazon phishing emails full of nice links for you to follow.

As mentioned... never click a link in an email unless you are absolutely, 100% sure of it's source.,.

[datalas]

As mentioned... never click a link in an email unless you are absolutely, 100% sure of it's source.,.

Even then, I probably wouldn't bother :(  

I would generally say that no company worth it's salt will choose to contact their customers via email, it is so easy to forge it's comical.  Recent browser exploits of late have also made it easier since it is possible to forge the link.

I won't get too technical but one of the more recent vulnerabilities (which affects firefox, mozilla et al) is the IDN (International Domain Name) system, where by a letter in a domain such as "paypal" is replaced for one that looks similar, but is actually different.  for example p*ypal, where the first a is indistinguishable from a normal letter "a".

This means that there is *no* way for your average, advanced or indeed just about any punter to spot the difference.

This is of course just one of the latest exploits and the browsers have already been patched to workaround the problem, however I was using it as an example that further to what muddyweb said..  if you want to go to a website, type it in yourself :(

[Wanderer]

I'm in total agreement Daz but Egg (usually) only contact you via email as to get their banking license they have to use email and t'internet.

At least that's what one of their operatives told me.

Maybe Ben can confirm or deny.

Ed

[datalas]

there is of course a difference between "hello" and "enter your account details, address, signiture, mothers maiden name and any other relevant personal information in this here form" definitions of "contact" :)

Be very warey is what I'm saying, and if you do get an email telling you to test your ebay, paypal, bank or whatever details (even the mud-club ones) then navigate to the relevant site / organisation by your own means.  If in doubt, go to their site directly, discover your account contact and ask them directly if they emailed you.

Banks can take nine and a half years to cash a cheque so if you have to add a days delay whilst they confirm they were trying to get hold of you then so what ?

[MattW]

They don't know which banks you use...

Scarily enough I've only had fraud emails claiming to be from the 2 banks I actually have accounts with.

Matt

[Wanderer]

What makes me laugh is when they ring you and the conversation goes like this.

Hello Mr ????? My name is John from (insert your own company) and I'd like to speak to you. Can you confirm your name address and Mother's maiden name.

Me... Yeah right and how do I know that you're who you are. Can I have your name address and Mother's maiden name?

Them.... Err no that's not the way it works.

Me.. Work it out! I don't know who the hell you are and I'm not giving you any of my details... Write to me if you need to speak to me. Goodbye!

Does my head in...

Ed

[Barry Scott]

I hate these emails but you can usually spot a bad fake by just hovering your mouse over the link, if it says one thing but actualliy links to another, take care.  It is easy to do in a HTML email and would look just like this http://www.ebay.co.uk.  

I normally avoid even click the link as opening the page may send a referrer ID in the link to a database to confirm the page has been viewed and therefore the email address is valid.

[Spooky]

I had one of those 'Your account will be frozen if you don't enter your details' e-mails from 'E-bay' yesterday ... Chucked it in the bin rather rapidly! :roll:

[Ben]

I'm in total agreement Daz but Egg (usually) only contact you via email as to get their banking license they have to use email and t'internet.

At least that's what one of their operatives told me.

Maybe Ben can confirm or deny.

Ed

Egg do use email a heck of a lot for contacting their customers. I'm not certain of the link to the banking licence, so I can't confirm or deny that this is the case. There is a statement on their web site relating to email scams (phishing). If you go to http://www.egg.com and click on "Security and Privacy" on the top menu, it will tell you more.

One piece of advice I'd give to anyone is that if you are approached over email to review your account, don't click on the link in the email - open up a new browser window instead, and type the web address in manually - the one you know to be correct. So, when you get your statement notification email from egg each month, open up internet explorer, and type in www .egg .com (without the spaces :D ), sign on in the normal way, and then check your statement.

I got "got" by an eBay scammer about 6 months ago, and as soon as I realised I hadn't gone through to the eBay site went round and changed pretty much every password on every account anywhere. It was a right pain :(
So I follow the above procedure every time now.

It only takes a second of carelessness to give these scammers what they need - be vigilant.

Cheers

Ben

[Ben]

I normally avoid even click the link as opening the page may send a referrer ID in the link to a database to confirm the page has been viewed and therefore the email address is valid.

Some companies / scammers embedd a link to a single pixel "blank" image for tracking. So you don't even have to click on the link for them to know that the email has been opened, and so therefore the account is active.

There's a lot to be said for text only email clients...

Cheers

Ben

[datalas]

it is for that reason that thunderbird will disable images by default.

Note, if you're running outlook I would recommend you find a program which replaces the standard viewer with a text-only one (the name of it escapes me at present) which eliminates some of the problems with the html renderer and graphics retrieval etc.

[Ben]

I use Outlook, but all the email I receive passes through a "spam" engine called K9 before getting to outlook. Anything I'm unsure of, I open in K9 (it stores all of the email it's checked), which is text based.

I don't have the details of K9 at work - it's on my home PC - if anyone's interested, send me a PM to remind me, and next time I'm at the PC I'll get the details off it.

Cheers

Ben