The Brave Programmer - Blogging and coding
Not for the faint hearted
 

Blog Posts From The Brave Programmer

Minimize

Another phishing spam email from PayPal

Aug18

Written by:
2009/08/18 09:52 AM RssIcon

image Phishing emails, 419 scams, scams sites, the internet is rife. These people pray on the uninformed and uneducated, and internet illiterate. I have received emails before from PayPal, requesting me to go to a site to update my details. Which obviously I didn't. But I received another one, slightly different.

The first email, well one of many, I received requesting me to update my information, required me to go to a site and update my credit card details. You would think that people using PayPal, email, and the internet would be in the know about such scam. Not so.

I blogged about this first round of phishing scams. Read about it at Fraud, Phishing and Spam from Paypal.

But now there is another email scam. Slightly different than the first. This one deals with unauthorised credit card use. Sounds pretty scary right. I mean who wants their credit card to be used by fraudsters on the internet?You would want to do anything to stop it right?

Here is a snippet of what the email looked like.

We recently received a report of unauthorized credit card use associated with this account. As a precaution, we have limited access to your PayPal account in order to protect against future unauthorized transactions.

Case ID Number: PP-435-57-622

This is a reminder to restore your account as soon as possible.

Please download the form attached to this email and open it in a web browser. Once opened, you will be provided with steps to restore your account access. We appreciate your understanding as we work to ensure account safety.

In accordance with PayPal's User Agreement, your account access will remain limited until the issue has been resolved.

Unfortunately, if access to your account remains limited for an extended period of time, it may result in further limitations or eventual account closure. We encourage you to restore your PayPal account as soon as possible to help avoid this. We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

The email had an html file attached, which when browsed looks very authentic. Even the links on the site, open up pop-up windows and take you to the legitimate PayPal site for security and credit card help information. Looks all very legit. Problem is that the form post goes nowhere near PayPal, but to some obscure IT address, with a PHP file extension. Obviously used to collect your details. Have a look at what the page looks like.

paypalscam

Two things I noticed about this form that should set off the warning bells, emergency red lights, sirens, what ever gets your attention. This is besides the credit/debit card number and card expiration date.

  • CSC – Which I assume is similar to the CVV number for the credit card
  • ATM Pin – For the Debit card

It should be drummed into our heads. Never give away your pin, to anyone. You should be very wary about supplying your CVV number to suspect sites. Especially if you’re not making a valid purchase. If anyone is updating your account, there is no need for these two values. They are yours. Guard them with your life.

PayPal’s Views

To help you better identify fake emails, PayPal follow strict rules. They will never ask for the following personal information in email:

  • Credit and debit card numbers
  • Bank account numbers
  • Driver's license numbers
  • Email addresses
  • Passwords
  • Your full name

Read more about PayPal's Phishing Guide here

Related Reading:

Fraud, Phishing and Spam from PayPal.

 

Technorati Tags: ,,,,

 

New here, or perhaps you've been here a few times? Like this post? Why not subscribe to this blog and get the most up to date posts as soon as they are published.



Tags:
Categories:
blog comments powered by Disqus

2 comment(s) so far...


Gravatar

Re: Another phishing spam email from PayPal

I have a Paypal account for about 4 years now. Regular receive these type of emails. Best is to ignore and if in doubt log in to your account via your normal link. I know Paypal had a bit of bad reputation, but I cannot complain. Pity they do not provide full facilities in SA. At the end of the day there will always be a scam as long as people fall for it.

By Rustig on  2009/08/18 10:19 AM
Gravatar

Re: Another phishing spam email from PayPal

I also have a PayPal account. Haven't used it. We cannot draw money out of PayPal here in South Africa. So unless I want to use PayPal as a money store to buy goods online, it seems pointless for me.

By Robert Bravery on  2009/08/18 10:36 AM
 
Blog Updates Via E-mail
 Blog Updates Via E-mail
Minimize

Do you want to receive blog updates via e-mail. Then just click on the link below. You will be redirected to Google's feed burner, where you can fill out a form. Supplying your e-mail address.

The subscription is managed entirely by Google's Feedburner. We cannot and do not collect your email address.

Subscribe to The Brave Programmer by Email

Print  
 

 

Latest Comments
 Latest Comments
Minimize
Powered by Disqus

Sign up with Disqus to enjoy a  surprise box of features

Print  
 
Blog Roll
 Blog Roll
Minimize
Print  
 
Categories
 Categories
Minimize
Print  
 
<h1>Search Blogs From The Brave Programmer</h1>
 

Search Blogs From The Brave Programmer

Minimize
Print  
 
Archive
 Archive
Minimize
Archive
<June 2017>
SunMonTueWedThuFriSat
28293031123
45678910
11121314151617
18192021222324
2526272829301
2345678
Monthly
Go
Print  
 
<h1>News Feeds (RSS)</h1>
 

News Feeds (RSS)

Minimize
Print  
 

Follow robertbravery on Twitter

Blog Engage Blog Forum and Blogging Community, Free Blog Submissions and Blog Traffic, Blog Directory, Article Submissions, Blog Traffic

View Robert Bravery's profile on LinkedIn

Mybyte

 

Robert - Find me on Bloggers.com

Tags
 Tags
Minimize
Print  
 
Contact Us Now
 Contact Us Now
Minimize
 

Email  us now or call us on 082-413-1420,  to host your website.

We design and develop websites. We develop websites that make a difference. We do Dotnetnuke Module development.

Web Masters Around The World
Power By Ringsurf
Print