Paypal phishing

Keith Montgomery · Jun 9, 2006

Here is an email I got yesterday.

Dear member,

This email confirms that you have paid paypal@creative.com $379.12 USD using PayPal.

This credit card transaction will appear on your bill as "PAYPAL *CREATIVE".

--------------------------------------------------------------------------------

Payment Details

Purchased From:creative.labs

Item # Item Title Quantity Price Subtotal
8751475190 Creative Labs Gigaworks THX 7.1 S750 PC Speakers 1 $349.99 USD $349.99 USD

Shipping & Handling via USPS First Class Mail to 154XX
(includes any seller handling fees) $18.25 USD
Shipping Insurance (optional): --
Sales Tax (6.000% inPA) : $10.88 USD

Total: $379.12 USD
Note:Thank you!

--------------------------------------------------------------------------------

Shipping Information

Shipping Info: Wayne E Bakewell
16 elm st
Brownsville, PA 15417
United States

Address Status: Confirmed

--------------------------------------------------------------------------------

If you have questions about the shipping and tracking of your purchased item or service, please contact the seller paypal@creative.com.

--------------------------------------------------------------------------------

Do you confirm this transaction?

If this transaction was not made by you please immediately take the following steps:

Login to your account by clicking on the link below
Provide requested information to ensure you are the owner of the account
Find this transaction in HISTORY and click 'Cancel Transaction'

CANCEL TRANSACTION!

Thank you for using PayPal!
The PayPal Team

Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and choose the Help link located in the top right corner of any PayPal page.

PayPal Email ID PP843

There was a Paypal header that wouldn't copy & paste.

This is one I haven't seen before. I am impressed with the ingenuity of this bit of phishing. It gets people all pissed off about a bogus charge on their Paypal account. When people get angry they make stupid decisions.

harleyvato · Jun 9, 2006

I had a similar charge for about $400.00 sent to me . The seller I supposedly been billed from was no longer active. luckily I didnt fall for the "click link below " part and checked with paypal . I also sent them the email and I guess they are handling it from there. I guess you can't be too careful.

Nordic Viking · Jun 9, 2006

In my correspondence with Paypal, they always address me by my registered fullname (i.e. Dear Mr. H. Jablome).

Any email that starts with Dear User / Dear Member / Dear Sir , is undoubtably fake.

cockroachfarm · Jun 9, 2006

Keith Montgomery said:
...This is one I haven't seen before. I am impressed with the ingenuity of this bit of phishing. It gets people all pissed off about a bogus charge on their Paypal account. When people get angry they make stupid decisions.

Haven't seen that one either - very well put together. As you said, someone might get so p***ed off reading through that, by the time they get to the live link, they might click on it without thinking.

I never, ever, NEVER click on a live link within an email - even if it comes from my friends (I ask them to confirm it first).

I have had these bogus "confirmation" emails from "PayPal", "eBay", and every bank I deal with. However, the "DELETE" button is my friend.

I'd just like to meet one of these "phishing" scumbags one day and introduce myself and some of my friends.

whitie · Jun 9, 2006

Wow, that's pretty creative. Thanks Keith for the heads up.

whitie

rifon2 · Jun 9, 2006

Yeah, the PayPal phishing scams have become very numerous, and more deviously clever. I get about 5-6 PayPal phishing emails a day now.

Never, never click on an email link that asks you for any information whatsoever.

Just delete the email.

If you want to check the emails validity, close your browser completely. Reopen it, and then type in your desired address - PayPal, Citibank, Wells Fargo, GoDaddy, Earthlink - whatever.

Then you'll 99% be on the real website.

If you want to go a step further, after you close your browser, delete your browsing history entirely - especially all cookies.

Then, reopen your browser and type in your desired address.

Now, you're 99.9% at the actual site.

(100%, btw, is only a theoretical number with this stuff.)

whippersnapper · Jun 9, 2006

It has been terrible this last week.....I have even received a couple fakes with my name on them:grumpy:

howiesatwork · Jun 9, 2006

Nordic Viking said:
In my correspondence with Paypal, they always address me by my registered fullname (i.e. Dear Mr. H. Jablome).

Any email that starts with Dear User / Dear Member / Dear Sir , is undoubtably fake.

And your first name wouldn't be Haywood, by chance?

Sorry, I know it's just an example...
Off to spoof@paypal.com for the phishing email...

AG · Jun 10, 2006

Got a similar message 2 weeks ago.

I was almost tempted to act and click to cancel a Sony W800 Cellular someone has "bought" in my name - but I decided to login to my PAYAPL account and saw no such transaction - this raised my suspision and I emailed their scam report mail. I got a reply within few hours that the message was indeed a phishing attemt and not a legit paypal message.

Rule 1 as said before is to see if your full name is mentioned "Dear Mr. dksfdsakj" and not "Dear paypal user" or something like this.

Then closing the browser and re-lauching it with "https://www.paypal.com" making sure you see the yellow lock - this is the best way to login.

Hope more people see this warning - maybe make it a steaky thread

robertmegar · Jun 10, 2006

I ussually login with wrong password/username and continue to fill the address and ssn# with profanity or just wrong info over and over again to overload their data!