New variation of paypal scam email...be careful this is serious...

[deu12000]

I almost shit my pants when I read this. Within 3 seconds of getting this email I went to paypal (I typed it myself) and checked my account. It wasn't true. The reason why I was so nervous was because I had just added a new email today and of course it's the same email I got earlier today. Now I see how people can fall for this, if I didn't just from habit type it out myself, I would have falled for this. This is probably the first time I've ever gotten an email and within seconds went straight to the site. I was nervous I was thinking somebody is going to try to drain the bank account tied into the paypal, let me stop them fast. By the way the link that says it's https://paypal.com leads to http://www.sofia.com.br/webscr/update.html an exact copy of paypal.

From: [email protected]
Date: 01/08/06 21:41:32
To: me
Subject: You have added [email protected] to your Paypal account !!

New email address added to your account !
You have added [email protected] as a new email address for your
PayPal account.

If you did not authorize this change or if you need assistance with
your account, please contact PayPal customer service at:

https://www.paypal.com/row/wf/f=ap_email


Thank you for using PayPal!
The PayPal Team.


Please do not reply to this e-mail. Mail sent to this address cannot be
answered. For assistance, log in to your PayPal account and choose the
"Help" link in the header of any page.

----------------------------------------------------------------
PROTECT YOUR PASSWORD

NEVER give your password to anyone and ONLY log in at
https://www. paypal. com/ Protect yourself against fraudulent websites
by opening a new web browser (e.g. Internet Explorer or Netscape) and typing
in the PayPal URL every time you log in to your account.

----------------------------------------------------------------


PayPal Email ID PP1309

 

[Epic]

I got one the other day that was saying that someone from a foreign country was trying to access my account, but paypal doesn't even have that email address so I figured it was fake.

Anyway, thanks for letting us know!

 

[Namedelivery.com]

I would guesstimate that I have received the "You've added a new email address....." maybe 100 times.
I dont even open anything which says paypal in it anymore. I just delete.
If there was an issue with my PP account I would notice it when I am in my PP account.

 

[Chronos]

Yet another variant on the same scam

I used to receive very often such scams until I reported the situation to paypal a couple of times, then I'm receiving in daily basis the following email coming from different "ebay" sites which urls is not www.ebay.com:

eBay - Security Update, Please Read [Sun, 25 Dec 2005 22:56:23 -0500]

once clicked the URL it takes your to http://211.112.95.232:680/rock/e/
but everyday comes from different fake URLS (most of them chineses) to notify an impossible fraud because my targeted email is not registered at ebay.

Of particular interest is to know the message is not text but a scanned image mapped to look real but pointing to the scammer web as you may see through such email souce code:

<p><font face="Arial"><A HREF="https://signin.ebay.com/ws/eBayISAPI.dll?SignIn&sid=verify&co_partnerId=2&siteid=0"><font color="red"><b>MailScanner has detected a possible fraud attempt from "211.112.95.232:680" claiming to be</b></font> <map name="ujba"><area coords="0, 0, 646, 569" shape="rect" href="http://211.112.95.232:680/rock/e/"></map><img SRC="file://C:\SYSTEM\CALYPSO\HTMLDOCS\INBOUN~1\INDIST~1.GIF" border="0" usemap="#ujba"></A><font color="red"><b>MailScanner has detected a possible fraud attempt from "211.112.95.232:680" claiming to be</b></font> </a></font></p><p><font color="#FFFFF3">Getaway Miss World in 1867 don't go in 1907 </font></p></html>

Giving this result to make you bite the dust:

 

[Ray]

yea.. i get that ebay think alot... the even funnier thing is that i never registered with ebay.. so its like.. WTF... i seriously think that the goverment should do a better ob at cracking down on scamming... they seem to be moving really really slow at it..

 

[graywolf30]

I've gotten that very same PayPal email every day for the past 3-4 weeks. I've forwarded it on to spoof_PayPal with full headers each time, and am still getting them. I don't have much confidence that PayPal will be doing anything to stop these, however.

Last month, I received an email from PayPal isssuing me a "First Warning" for using my personal account to obtain a cash advance from a credit card or helping someone else to do it....the funny thing is, I don't have a bank account or credit card attached to my account, so my Premier account is nothing more than a savings account - I can't pull any money out. When I contacted them about it, they told me in their own sweet way, "Ve hav our vays of knowing these things", even when I pointed out that it would be imposssible......

*sigh* What can you do?

Renee

 

[napjones]

I got one today. However I always check the header info and saw it was not from paypal, just a spoofed email address and the links go to a phishing website used to capture your account info.

 

[weblord]

when it doubt type the url manually don't click

i got one again, how many times will i have to tell i don't have paypal
the offending url is:
http://194.185.112.226/alsitech/images/.cgi/www.PayPal.com/updates-paypal/index.html

Subject: Please Restore Your Account Access.

Sender: <[email protected]>

To:

From: "PayPal" <[email protected]>

X-Eon-DM: dm09

Received: from ibx.studioardea.it (151.38.151.89 [151.38.151.89])by dm09.mta.everyone.net (EON-INBOUND) with ESMTP id dm09.43c0092b.1f7badcfor <>; Tue, 17 Jan 2006 01:44:10 -0800 (PST)

by ibx.studioardea.it (Postfix, from userid 1003)id AF1918F8B5; Tue, 17 Jan 2006 08:07:11 +0100 (CET)

Return-Path: <[email protected]>

Content-Type: text/html

Date: Tue, 17 Jan 2006 08:07:11 +0100 (CET)

Message-Id: <[email protected]>



PayPal
PayPal is committed to maintaining a safe environment for its community of customers. To protect the security of your account, PayPal employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the PayPal system for unusual activity.

We are contacting you to remind you that on 16.01.2006 our Account Review Team identified some unusual activity in your account. In accordance with PayPal's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved.

To secure your account and quickly restore full access, we may require some additional information from you for the following reason:

We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card.


This process is mandatory, and if not completed within the nearest time your account or credit card may be subject for temporary suspension.

To securely confirm your PayPal information please click on the link bellow:



https://www.paypal.com/cgi-bin/webscr?cmd=_login-run



We encourage you to log in and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure.

For more information about how to protect your account please visit PayPal Security Center. We apologize for any incovenience this may cause, and we apriciate your assistance in helping us to maintain the integrity of the entire PayPal system.



Thank you for using PayPal!
The PayPal Team

 

[oliciv]

If you're ever in doubt about an email from Paypal, forward it to [email protected] and they'll reply and let you know if it's real or not...

 

[minifhncc]

I've been getting heaps of these spoof emails to my ABUSE@ address... Obviously, it is spoof so I just report it to spamcop, where it gets forwarded to [email protected] aswell.

Thanks,
Mini