Has anyone gotten this email from PayPal?

LEDBE
matrixshaman

matrixshaman

Flashlight Enthusiast
Joined
Jan 17, 2005
Messages
3,413
Location
Outside the Matrix
I get phishing and spoof email all the time and know how to recognize them quickly. However of particular concern was one I got today -- the difference in it was that the sender had my actual name. All past spam and phishing, spoof emails don't know your real name normally. It was about PayPal policy updates and gave an address of email1.paypal.com to log in to with some code after the .com/ I might have considered it to be valid but the web site and address given are completely non-responsive. It also seems to have an expired (as of today) domain registration so at this point I'm guessing it was a phishing attempt that has already been shut down. The only way I can imagine this happened would be if the phishing/hacker had done business with me in the past.

I am still checking on this and have forwarded the email complete with header info to PayPal to verify this is not valid. If it is valid then PayPal's having a problem with their link in the email or it is on a server that has been shut down. However I doubt this as any normal policy updates would not give you a link other than https://www.paypal.com to click on.
If you get any email like this or have gotten one recently I'd like to hear from you as I take it very seriously when a hacker knows my name and is phishing.
 
The e-mail was most likely a phishing scam. Personal information can easily be gathered from the internet or from certain businesses, and can be put into e-mail addresses. Some large companies also will allow third party advertisers to use your personal information unless you specifically request that they do not or they specifically state that they do not. I occasionally get spam with my full name in it as well, and it is a bit disconcerting.

Nota Bene: E-mails requesting credit card information and other tasty tidbits in the body of the e-mail are never good, even if the website looks legit. Most large corporations will never send an e-mail requesting credit card information!
 
I got the same paypal phish a month or so ago and I don't have a paypal account. I called paypal and they said it was pure phishing, probably from one of the credit bureau lists.

edit - it was also to my "protected" email account which I never use for anything that could generate spam. I (and the paypal guy) am totally puzzled as to how that got out. My domain host said it was probably just a "shotgun" attack, where the phisher gets a domain name and then automatically sends thousands (or millions) of emails with various names to that domain. Kinda over my head. I can probably afford better spam protection when I get my money from the Ethiopian princess.
 
Last edited:
Thanks for chiming in on this - I'm pretty well versed in this aspect of cybercrime but it is the first time anyone had my name. I think I have some ideas of where it may have come from - (outside the U.S.) but they won't get any info from me. I actually was willing to try the address in my browser to see what happened because I not only run my browser in a Sandbox but have a number of other special programs to prevent any foul play while browsing and that's in addition to firewalls, anti-virus and anti-spyware programs.

Does anyone here use a PayPal security key? It's a small digital device PayPal sells that generates a new PIN about every 30 seconds so everytime you log in you'll enter a different PIN in addition to your password. It seems like a fairly good idea and for only $5 including shipping it can add a fairly strong layer of security. No monthly fees or any other charges either.
 
Our local Association of Realtors uses that system to protect MLS access. Really works. Probably if I did paypal, I'd do that.

Only problem I had with the MLS code key was leaving it in my office (I don't like a bunch of stuff in my pocket) so if I wanted to access the MLS from a computer outside my office and didn't have the key with me, I was out of luck.
 
matrixshaman said:
Thanks for chiming in on this - I'm pretty well versed in this aspect of cybercrime but it is the first time anyone had my name. I think I have some ideas of where it may have come from - (outside the U.S.) but they won't get any info from me. I actually was willing to try the address in my browser to see what happened because I not only run my browser in a Sandbox but have a number of other special programs to prevent any foul play while browsing and that's in addition to firewalls, anti-virus and anti-spyware programs.

Does anyone here use a PayPal security key? It's a small digital device PayPal sells that generates a new PIN about every 30 seconds so everytime you log in you'll enter a different PIN in addition to your password. It seems like a fairly good idea and for only $5 including shipping it can add a fairly strong layer of security. No monthly fees or any other charges either.
Click to expand...

i want that, seems safer...5$ is a very small amount when compared to losing a bank account's worth because you bought something on bst....of course that sometimes happens because you actually bought something..:ohgeez:

Crenshaw
 
matrixshaman said:
Does anyone here use a PayPal security key? It's a small digital device PayPal sells that generates a new PIN about every 30 seconds so everytime you log in you'll enter a different PIN in addition to your password. It seems like a fairly good idea and for only $5 including shipping it can add a fairly strong layer of security. No monthly fees or any other charges either.
Click to expand...

That is a great deal. I have the same type of security device to access my Sheriff's Office web page as an administrator. The security is as close to bullet proof as you can get. But the key fob sized device cost the Sheriff's Office $180, not $5.
 
Hi BIGIRON (post#3)
Quote:
"I can probably afford better spam protection when I get my money from the Ethiopian princess."
:crackup::crackup::crackup:
 
Never, EVER, click on a paypal (or similar) link in an email. Always, ALWAYS, open a fresh browser window, and start with www.paypal.com (or whatever), and go to your account from there.

If someone calls or emails claiming to be this or that, assume they are not, and hang up, and go online and get a number from the website, and call them (if you have any doubts). You just never know. Scams are getting more and more sophisticated.

I had to do this just recently when I placed an order with www.cheapbatteries.com. I got an email from them saying my credit card info didn't go through, and to call a number. I called, and was half-way through the conversation (but hadn't yet given any info) when it hit me that I had no way to be sure whom I was speaking with. I apologized to the woman, told her I would call back and why, then hung up, got the number from the website, called back and . . .

. . . got the same woman again. LOL! But still, I was certain, then, that I wasn't giving my CC info to a scammer.

As for the security device, NEAT! I had heard about these but didn't know how it worked. Very cool.
 
Last edited:
You must log in or register to reply here.

Similar threads

V
New Scam Email Circulating Around The Internet
Replies
4
Views
454
ghostguy6
ghostguy6
Guitar Guy
Has anyone from USA bought a light from banggood?
2
Replies
22
Views
3K
Monocrom
Monocrom
raggie33
  • Locked
Usa has no fredoom anymore
14 15 16
Replies
303
Views
11K
orbital
orbital
SCEMan
  • Locked
Anyone worried about this?
7 8 9
Replies
162
Views
13K
knucklegary
knucklegary
Robocop
I missed this place....
2
Replies
36
Views
2K
Robocop
Robocop

Latest posts

Top