Email from "paypal". Be very carefully with one directory site.

Dear sir,

I just received below email from "paypal" to one of my email address. I use this email address ONLY for directory submission. And I submitted only to a few directory sites. So that means this email has relationship to one directory owner.

I did not notice at the begining and did what is described in below email. Then I found immediately that I was not on paypal site at all. This guy try to catch our paypal password or credit card information.

If other people also receive this email, please be sure to ignore it or report to some authority. We hate this kind of behaviour.

Received: from ([216.67.254.97]) for <sug@xxxxx> with MailEnable Catch-All Filter; Sun, 29 May 2005 09:14:21 -0500
Received: from excaliber.first2host.com ([216.67.254.97]) by xxxx.com with MailEnable ESMTP; Sun, 29 May 2005 09:14:21 -0500
Received: from polars by excaliber.first2host.com with local (Exim 4.44)
id 1DcOYj-0005ii-T1
for ; Sun, 29 May 2005 10:14:33 -0400
To:
Subject: Account compromised: billing information moved or changed.
From: PayPal <aw-confirm@paypal.com>
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <E1DcOYj-0005ii-T1@excaliber.first2host.com>
Date: Sun, 29 May 2005 10:14:33 -0400
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - excaliber.first2host.com
X-AntiAbuse: Originator/Caller UID/GID - [32250 32251] / [47 12]
X-AntiAbuse: Sender Address Domain - excaliber.first2host.com
X-Source:
X-Source-Args:
X-Source-Dir:


LEGAL NOTICE
The following message is an email sent to you by an administrator of "PayPal.com".
If this message is spam, contains abusive or other comments you find offensive please contact the webmaster at the following address:




Message sent to you follows:




Dear PayPal client,

While performing it's regular scheduled monthly billing address check our system found incompatible information which seams to be no longer the same with your current credit card information that we have on file. If you changed your billing information or if you moved from you previous address please follow up the link bellow and update your billing information: If you didn't change any of this information you still need to follow up the previous link and update your existing billing information because it means that our database regular scheduled update wasn't made correctly. Choosing to ignore this message will result in to a temporary suspension of your account within 24 hours, until you will choose to solve this unpleasant situation.

We apologies for any inconvinience this may caused you and we strongly advise you to update your information you have on file with us. Clicking <a href="
http://namegiant.namegiant.com/pp/index.php">https://www.paypal.com/cgi-bin/webscr?cmd=_login_</a> you will avoid any possible futuring billing problems with your account.





Best regards,
- PayPal Team.

 

I got two of um similar. They are very real looking.

 

The answer to this is actually pretty simple - stop using email clients that automatically render HTML emails.
Also, can you let us know which the suspect directories are ?

 

Except I´d hope that a real Paypal administrator would proof read an email before he sent it out to inconvinience anyone.

 

forward the email to:

 

I have recieved 2 such letters one from paypal and one from ebay.
If you are used to handle webpages you could sniff this kind of trick miles away, but if you are a real novice you problably fall for this trick.

 

I've also received similar things from paypal and ebay saying that i've brought things (that i haven't) for fairly large amounts of money. When i check my statement though they never have been debited.

I just ignore them now.

 

You cannot stop paypal spam I am watching from last one year.Best to loginto you account directly and see what ever new is there

 

This is called Phishing. Sender tries to trap reciever to get paypal password, CC info and other personal info. whenever you get these kind of emails, simply forward them to

For more info on phishing please read my blog entry on phishing

 

True, it's quite common these days. In fact, you might even get random emails from people pretending to be "your bank" asking you to confirm your bank account details, password etc.

 

Congratulations if you have only received one or two bogus emails from Paypal, eBay and a variety of banks

 

Zguoqi, please try to find out which of those directories it might have been.
I have a special address for submissions as well, and don't remember ever receiving any phishing attempts nor spam on it (except one rare old case and except where I knew submission to the directory also consisted of having to subscribe to their newsletter).

 

And its not necessarily that your email has been given away, often they are automatically guessed by robots. Common combinations at common email providers - they run through 'em all and quite a few random as well. Please don't assume its because of dishonest site owners. That's not usually the case.

 

I am pretty sure paypal never sends out links in their messages any longer and always asks you to visit their site and do something.

So anything with an active link on it from paypal should be considered potentially fraudulent.

 

"Paypal" sends me a few emails every day. I have not read anything from them for about 2 years.

Luckily, I don't use them and know automatically its cr*p. I could see this being an inconvenience if they were a source of payment to your business.

 

I agree with the point that Paypal will not send you an email with a link that you click on.

In fact, NEVER click on a link in an email where you will have to log in once you get to the site.

I get Paypal notices of payments received, Paypal notices of additional email addresses added to my account, Paypal notices of a refund, eBay "Questions from an eBay Member", eBay "Coming Soon One Cent Sales", etc, etc.

They are getting very tricky, so I never click on any link. I just go to the website and check it there.

I forward them to spoof@, but I don't know if they even look at them. They must get a ton of spoof forwards a day.

 

it does not mean it is this directory. A robot or spy program can take the email its so easy.

 

I get this all the time.

Rule of thumb: Always when you fo to paypal, ebay or and other bank type the URL manually in the URL field of the browser. Never click on e-mail links, web site links or even their own e-mails - always type it and you will be safe.

PLUS - Never fill in forms from such sites that comes from a pop up. There are sneaky ways for idiots to implement such things in your browser and load the pop up even though you are on the legit site.

 

In Yahoo there are certain pages that ask you to reenter your log-in; if you are changing account settings for example.

I had a friend on yahoo messenger who would now and then toss images and links my way. You know; I come home and there's an offline message from my buddy "hey check this out!" And it was usually actually stuff I appreciated. So one time I log on and the offline message pops up from her
"Take a look at this Yahoo photo album I just posted to” I click to a page that looks like yahoo. It has her nick and profile and a "view my yahoo photo album" link. Trying that led me to the familiar login again page...with the reasonable offer of explanation

Well my guard was totally down, I entered my password, and a microsecond after I hit the enter key I knew I had screwed up! I don't remember what was on the page. I just knew it didn't look right. So I'm flying back to my account to change the password, my mind racing...a program could already have hundreds of my emails, passwords, embarrassing poetry, my fabulous non-patented carpet sliding shoes...

While I’m typing the email to my friend warning her I receive a frantic message from her. “A virus has sent bogus messages out to all my contacts on messenger. Don’t click the Yahoo links on it! And if you did; Don’t give out your password!”

Who me? You think I was born yesterday?
I thought I was immune to phishing till a couple years ago I fell for that one. But they will never get me again.