• The rules for The Exchange can be found here. Please read and follow them.


Feedback: 0 / 0 / 0
Jun 19, 2006
not sure if i should post this here -

i receieved 2 emails last night from paypal saying i bought stuff i didnt,with a shipping address thats not mine-

my paypal account is now closed-
im not sure if this is a fishing scam,if you get one of these-DO NOT USE THE PAYPAL LINK on the email-go directly to paypal and look-

sales didnt show at paypal so im wondering if they want you to use the dispute resolution option on the email to get your info-

just a heads up these guys are getting rteal good at stealing
I don't even open them. i just forward them to spoof@paypal.com.
If it's legit they will let you know, and if it's phishing, they'll let you know.
I got three last night. I simply report them then delete them. I log in to my real account and make sure there is no activity.
They are spoofing you trying to get your ID/password.

Your reaction was RIGHT ON. Just go directly to PayPal homepage and log into that to see if any activity has occurred.

I've had the same type of scenario with EBAY screens.

Interestingly enough, the emails do get your attention and are quite "authenic" looking.

After receiving a couple of them, you catch-on quick.
I look at the full headers of a known-to-be-real PayPal email vs. the spoofs. One easy one, right off-the-bat, is the "Message-ID" field. IME, 99% of spoofs get this wrong. (Many are via Trojaned Windows PCs, relaying through ISP mail servers, so they can't get the Message-ID right.) If the Message-ID field ends in anything but "paypal.com," it's almost certainly a spoof. If that one's in question, I next look at the "Received" headers. (This takes more experience.) They are in reverse-chronological order: Most recent to the top. I look to where the email was handed-off to the first email relay I can trust: Which is either my own mailserver, my company's network or my ISP. If the first mail server/gateway I trust doesn't say it was received from something ending in "paypal.com," it's a spoof.

Warning: Reading email headers requires experience. If at all in doubt: Play it safe and ask PayPal!

Another thing I've done is "tagged" the email address I gave to PayPal. It's a little-known fact amongst non-computer-geeks, but most mail servers will accept "tagged" email address'. I.e.: If your email address is "sombody@example.com," your server may accept "somebody+foo@example.com," "somebody+bar@example.com," "somebody+whatever@example.com," etc. Scammers have no way of knowing you've given PayPal a tagged address. But PayPal will always use it. So if you receive something purportedly from PayPal that's not to your tagged address, you can be pretty damn sure it's a scam.

Note: Some web-based systems are tagged-address-hostile. They interpret the "+" as something other than a plus. Standards are wonderful, aren't they?

Disclaimer: No warranty, expressed or implied, as to the usability of fitness of the information disclosed above for any particular purpose. Caveat Emptor. This is worth just what you paid me for it. Your purchase price cheerfully refunded if you are in any way dissatisfied.
All emails from PayPal start off with your name. Never with anything else. If it doesn't start with your name it isn't from Paypal.
And also, as paypal states in all the emails i`ve gotten from them atleast, is to never click a link in an email. Go to the paypal website, and make sure it starts with https://www.paypal.com and not some ip-numbers.
Like Bobby said;just report them and go to your REAL account and make sure nothings going down.I received an email from"Paypal" saying our account had been closed-Nope.As soon as I got into my account there was nothing wrong.Here's a Hint-If you get an email from them and there's 10 or more email addresses with yours at the top-Then it's Not from Paypal.:cool: :thumbdn: