+Chaos A.D./aka Arlsdaddy Posted December 3, 2005 Share Posted December 3, 2005 (edited) Many of us use Paypal, and I got a phoney one today. I called paypal, they said they don't send emails starting with "Dear customer, dear paypal user", etc. They say they use your first and last name. They didn't even have my email name in the "to" field. It was addressed to <undisclosed-recipients:> The following is a copy paste so you can be aware of this (I am not including the link for your protection) Dear PayPal Customer, You have received this email because we have strong reasons to believe that your PayPal account has been recently compromised. In order to prevent any fraudulent activity from occurring we are required to open an investigation into this matter. To speed up this process, you are required to verify your PayPal account by following the link below. ******phoney link here****** (To complete the verification process you must fill in all the required fields) Please Note: If your account information is not updated within the next 72 hours, then we will assume this account is fraudulent and your account may be restricted. We apologize for this inconvenience, but the purpose of this verification is to ensure that your Paypal account has not been fraudulently used and to combat fraud. Please do not reply to this e-mail. E-Mails sent to this address cannot be answered. PayPal Account Department Paypal says to forward these to spoof@paypal dot com Please be aware!! If you click a link and enter your info, someone other than paypal just ripped you off!!! Edited December 3, 2005 by Chaos A.D./aka Arlsdaddy Quote Link to comment
+MO Outdoorfamily Posted December 3, 2005 Share Posted December 3, 2005 This is a great place to give a warning to those who may not use paypal otherwise. Having used paypal long before the geocoins came along I can say these emails are a pretty regular occurence. I forward all mine to spoof@paypal.com Quote Link to comment
+Dreamin'Eagle Posted December 3, 2005 Share Posted December 3, 2005 Thanks for the heads up I will keep my eyes open for one of these emails. Quote Link to comment
+Hula Bum Posted December 3, 2005 Share Posted December 3, 2005 Yes, these have been going on for quite a while. These fake emails are generally referred to as "phishing" attacks. Some of the easiest ways to tell if emails are legit: 1) Look at the FROM ADDRESS, not the FROM NAME 2) Look at the REPLY TO ADDRESS 3) Hover over the links with your mouse and look at the bottom of your browser to see the actual destination URL BEFORE you click on it When in doubt type in the URL manually instead of clicking on the links. Hopefully nobody falls for these and gets ripped off. Quote Link to comment
+Chaos A.D./aka Arlsdaddy Posted December 3, 2005 Author Share Posted December 3, 2005 With so many transaction occuring in the geocoin section, would this be a good topic to pin to help protect geocachers? Quote Link to comment
+Ladycacher Posted December 3, 2005 Share Posted December 3, 2005 I get one of these emails about once a month and have been for around two years and it's annoying. Just ignore it, delete it, and then permentaly delete it. Quote Link to comment
+legna and sOulbAit Posted December 3, 2005 Share Posted December 3, 2005 I got one the other day from ebay (right). Same set up and wanted me to update my account so I would not be ban from there service. Quote Link to comment
+Chaos A.D./aka Arlsdaddy Posted December 3, 2005 Author Share Posted December 3, 2005 (edited) I get one of these emails about once a month and have been for around two years and it's annoying. I've used Paypal for quite a while, first time I got an email like this. If I didn't have 3 20 oz. cups of caramel lattes this a.m. I might of fell for it!! lol You just never know....be VERY cautious when someone asks for personal info.... Another thing that raised a flag...says it's from the accounting dept. not security or fraud prevention, etc. Edited December 3, 2005 by Chaos A.D./aka Arlsdaddy Quote Link to comment
+GrandpaKim Posted December 3, 2005 Share Posted December 3, 2005 Yes, these have been going on for quite a while. These fake emails are generally referred to as "phishing" attacks. Some of the easiest ways to tell if emails are legit: 1) Look at the FROM ADDRESS, not the FROM NAME 2) Look at the REPLY TO ADDRESS 3) Hover over the links with your mouse and look at the bottom of your browser to see the actual destination URL BEFORE you click on it When in doubt type in the URL manually instead of clicking on the links. Hopefully nobody falls for these and gets ripped off. You should NEVER click a link. You should ALWAYS type in the URL manually. Quote Link to comment
+graylling Posted December 3, 2005 Share Posted December 3, 2005 I get these on a regular basis. Depending on the email program you use if you mouseover the link you can see where it actually goes in the status bar of your browser or program. Then you know what to avoid. Quote Link to comment
+Zero CooL NL Posted December 3, 2005 Share Posted December 3, 2005 Also watch out for possible attachments, they seem to contain a JPG file, but be alarmed when you open it, it can lead a life of his own! Why, the attachment looks something like: <some_caching_name.JPG.EXE> No Phun Intended! Quote Link to comment
+Bambi&Thumper Posted December 3, 2005 Share Posted December 3, 2005 The problem is that I frequently get requests for money via paypal. A trick I use to check that the link is authentic, is to type in a false password the first time. If it is genuine, it will ask you to re-enter your password, if not... Bambi. Quote Link to comment
YemonYime Posted December 3, 2005 Share Posted December 3, 2005 PayPal will never address you as "Dear PayPal Customer". Based on getting that same message repeatedly, and reporting it each time, that's what I've been told by PayPal's spoof department. It's a very useful rule to keep in mind: You signed up with them freely, so they know your name or business name, so they'll use it every time. If it doesn't have that personalized greeting, you should delete it. HTH, Yime Quote Link to comment
+GEO*Trailblazer 1 Posted December 3, 2005 Share Posted December 3, 2005 Also look for the mistakes in spelling. Quote Link to comment
+Lemon Fresh Dog Posted December 3, 2005 Share Posted December 3, 2005 A good phisher can also make the link you are visiting look legit. Basially, PayPal will never send you an e-mail with a link (neither will eBay) -- they will refer you to visit the site, but not link to it. In fact, be cautious of any information that asks you to click a link. For more information, click here Quote Link to comment
+Saving Shiloh Posted December 3, 2005 Share Posted December 3, 2005 (edited) I got a phoney, too: URGE NT: Pay Pal Sys tem Prob lems Dear , (MY EMAIL), Unfortunately we have had some trouble with one of our computer systems. Whi le the trouble appears to be minor, we are not taking the necessary precautions. We have decided to take the affected system offline and replace it with a new system. Unfortunately this has caused us to lose member data and information. Please follow the link below and log in to your account to re-enter your in on to b e assured no one of your prior information has been lost Note: Account balances have not been affected. Because of the inconvenience, we will be providing all users that repair their missing data the ir next two incoming transfers for free! You will pay no fees for your next two incoming transfers. Click ****Phoney Link****To Begin the Account Process Thank you for using PayPal! DONT FALLK FOR IT, IT ENDS UP AT FREEWEB.com!!!!!!!!!!!! Edited December 3, 2005 by Saving Shiloh Quote Link to comment
+SilverMarc Posted December 4, 2005 Share Posted December 4, 2005 Yes, these have been going on for quite a while. These fake emails are generally referred to as "phishing" attacks. Some of the easiest ways to tell if emails are legit: 1) Look at the FROM ADDRESS, not the FROM NAME 2) Look at the REPLY TO ADDRESS 3) Hover over the links with your mouse and look at the bottom of your browser to see the actual destination URL BEFORE you click on it When in doubt type in the URL manually instead of clicking on the links. Hopefully nobody falls for these and gets ripped off. Here's another easy way to tell if it's a phishing email: Enter a totally bogus password when you log on. The bogus site will act as if you entered a real password. Some people I know -always- enter the bogus password first whenever they log on anywhere a a passive reminder that they are on the site they expect to be on - since the real site will flag the bogus password. (Of course, next the spammers will always have their bogus site reject the first password... and so on...) --Marc December 3, 2005 @ 7:00 PM N40° 46.565' W073° 58.756' Quote Link to comment
+Chaos A.D./aka Arlsdaddy Posted December 4, 2005 Author Share Posted December 4, 2005 In fact, be cautious of any information that asks you to click a link. For more information, click here Heyyyy...didn't you just warn us about clicking links???LOL Quote Link to comment
Thrasher22 Posted December 4, 2005 Share Posted December 4, 2005 When I received the invoice for my Ontario coins, there was a link to click on "Pay Now". When I clicked on it, it just asked for my password, not my Paypal email address. Seemed kind of weird, but I guess it was legit, because Paypal already knew the email address this invoice was sent to. But it was weird nevertheless. Or an invoice from The Caching Place included a link to click on to pay too. I guess sometimes you have no other choice just to click on some links in some emails. Quote Link to comment
+Old Sailor Posted December 4, 2005 Share Posted December 4, 2005 I get them about 1 every month. Using ebay toolbar...as soon as I open said mail it tells me its not real.....then I forward to spoof. Quote Link to comment
+Chaos A.D./aka Arlsdaddy Posted December 4, 2005 Author Share Posted December 4, 2005 A good phisher can also make the link you are visiting look legit. Yes...the link I got started out www.paypal.com then had extra characters after that...so it would APPEAR it was legit. Quote Link to comment
+Cav Scout Posted December 4, 2005 Share Posted December 4, 2005 Thanks for the warning Quote Link to comment
+Lemon Fresh Dog Posted December 4, 2005 Share Posted December 4, 2005 In fact, be cautious of any information that asks you to click a link. For more information, click here Heyyyy...didn't you just warn us about clicking links???LOL Haha! You should see where the link takes you Quote Link to comment
+Chaos A.D./aka Arlsdaddy Posted December 4, 2005 Author Share Posted December 4, 2005 In fact, be cautious of any information that asks you to click a link. For more information, click here Heyyyy...didn't you just warn us about clicking links???LOL Haha! You should see where the link takes you Must be a joke site?! I'll check with my laptop for laughs..that's the comp I use for questionable stuf...I always wipedrive that one and have no personal info on it Quote Link to comment
+Marky Posted December 4, 2005 Share Posted December 4, 2005 (edited) Just for fun, I often look at the html of the e-mail message to see where the link is actually sending me. If you turn off html e-mail, these will look a lot less official. --Marky Edited December 4, 2005 by Marky Quote Link to comment
+Dreamin'Eagle Posted December 4, 2005 Share Posted December 4, 2005 In fact, be cautious of any information that asks you to click a link. For more information, click here Heyyyy...didn't you just warn us about clicking links???LOL Haha! You should see where the link takes you curiousity got the best of me on this so I check it out. HAHAHAHA that's funny. Quote Link to comment
+blackjack65 Posted December 5, 2005 Share Posted December 5, 2005 When I received the invoice for my Ontario coins, there was a link to click on "Pay Now". When I clicked on it, it just asked for my password, not my Paypal email address. Seemed kind of weird, but I guess it was legit, because Paypal already knew the email address this invoice was sent to. But it was weird nevertheless.Or an invoice from The Caching Place included a link to click on to pay too. I guess sometimes you have no other choice just to click on some links in some emails. I am also suspectfull of the email I got for the Ontario GeoCoin. Quote Link to comment
+junglehair Posted December 5, 2005 Share Posted December 5, 2005 When I received the invoice for my Ontario coins, there was a link to click on "Pay Now". When I clicked on it, it just asked for my password, not my Paypal email address. Seemed kind of weird, but I guess it was legit, because Paypal already knew the email address this invoice was sent to. But it was weird nevertheless.Or an invoice from The Caching Place included a link to click on to pay too. I guess sometimes you have no other choice just to click on some links in some emails. I am also suspectfull of the email I got for the Ontario GeoCoin. The best practice, if you are unsure, is to open a new browser window and log into your PayPal account from there. The invoice will be listed there, and you can pay it that way. Quote Link to comment
CoyoteRed Posted December 5, 2005 Share Posted December 5, 2005 The problem is that I frequently get requests for money via paypal. A trick I use to check that the link is authentic, is to type in a false password the first time. If it is genuine, it will ask you to re-enter your password, if not... Bambi. Very good suggestion. One thing I've been doing for a long time is only viewing emails as plain text. The reason is virus payloads can't deploy. A side benefit is the actual link is hidden and the program makes a link out out of what is displayed. In HTML you have the ability to create a link and make another word clickable to use that link. Spoofers use a legitimate link as the clickable word, but a different link underneath. This makes the link look legit. This different link takes you to a legitimate looking site where you are asked to input your password. Of course, you should enter a bogus password to see if it is legit. But by leaving my email client in plain text, I never see the bogus sites or worry about virii deploying as they never get the chance. I don't get any important email that doesn't have a plain text component. I never open attachments unless I know what it is, that it is coming, I know or have had contact with the person previously. This technique works pretty good and I don't have to have virus protection bogging down my machine 24/7. I run a virus scan periodically just in case, but haven't had any problems since I started doing this. Hope this helps. Quote Link to comment
+ShowStop Posted December 5, 2005 Share Posted December 5, 2005 Now that we are venturing into E-bay for coin buying, there are a few other warnings that come into play. Scammers on E-bay like to pretend they are the seller and make second chance offerings to would-be buyers. This usually only works on auctions where bidders are out-bid, but the depths they go to scam people have no limits. Be careful out there folks. Quote Link to comment
+ChapterhouseInc Posted December 6, 2005 Share Posted December 6, 2005 The best practice, if you are unsure, is to open a new browser window and log into your PayPal account from there. The invoice will be listed there, and you can pay it that way. as with website transactions, i do not respond to emails like thouse in the original post. if there is a problem, it seems like they would do as amazon does: reset your account, forcing you to say 'i lost my password' and reset it. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.