Has anyone gotten this email from PayPal?

matrixshaman

Flashlight Enthusiast
Joined
Jan 17, 2005
Messages
3,408
Location
Outside the Matrix
I get phishing and spoof email all the time and know how to recognize them quickly. However of particular concern was one I got today -- the difference in it was that the sender had my actual name. All past spam and phishing, spoof emails don't know your real name normally. It was about PayPal policy updates and gave an address of email1.paypal.com to log in to with some code after the .com/ I might have considered it to be valid but the web site and address given are completely non-responsive. It also seems to have an expired (as of today) domain registration so at this point I'm guessing it was a phishing attempt that has already been shut down. The only way I can imagine this happened would be if the phishing/hacker had done business with me in the past.

I am still checking on this and have forwarded the email complete with header info to PayPal to verify this is not valid. If it is valid then PayPal's having a problem with their link in the email or it is on a server that has been shut down. However I doubt this as any normal policy updates would not give you a link other than https://www.paypal.com to click on.
If you get any email like this or have gotten one recently I'd like to hear from you as I take it very seriously when a hacker knows my name and is phishing.
 

smvtsailor

Newly Enlightened
Joined
Jul 18, 2007
Messages
56
The e-mail was most likely a phishing scam. Personal information can easily be gathered from the internet or from certain businesses, and can be put into e-mail addresses. Some large companies also will allow third party advertisers to use your personal information unless you specifically request that they do not or they specifically state that they do not. I occasionally get spam with my full name in it as well, and it is a bit disconcerting.

Nota Bene: E-mails requesting credit card information and other tasty tidbits in the body of the e-mail are never good, even if the website looks legit. Most large corporations will never send an e-mail requesting credit card information!
 

BIGIRON

Flashlight Enthusiast
Joined
Feb 9, 2004
Messages
1,879
Location
South Texas
I got the same paypal phish a month or so ago and I don't have a paypal account. I called paypal and they said it was pure phishing, probably from one of the credit bureau lists.

edit - it was also to my "protected" email account which I never use for anything that could generate spam. I (and the paypal guy) am totally puzzled as to how that got out. My domain host said it was probably just a "shotgun" attack, where the phisher gets a domain name and then automatically sends thousands (or millions) of emails with various names to that domain. Kinda over my head. I can probably afford better spam protection when I get my money from the Ethiopian princess.
 
Last edited:

matrixshaman

Flashlight Enthusiast
Joined
Jan 17, 2005
Messages
3,408
Location
Outside the Matrix
Thanks for chiming in on this - I'm pretty well versed in this aspect of cybercrime but it is the first time anyone had my name. I think I have some ideas of where it may have come from - (outside the U.S.) but they won't get any info from me. I actually was willing to try the address in my browser to see what happened because I not only run my browser in a Sandbox but have a number of other special programs to prevent any foul play while browsing and that's in addition to firewalls, anti-virus and anti-spyware programs.

Does anyone here use a PayPal security key? It's a small digital device PayPal sells that generates a new PIN about every 30 seconds so everytime you log in you'll enter a different PIN in addition to your password. It seems like a fairly good idea and for only $5 including shipping it can add a fairly strong layer of security. No monthly fees or any other charges either.
 

BIGIRON

Flashlight Enthusiast
Joined
Feb 9, 2004
Messages
1,879
Location
South Texas
Our local Association of Realtors uses that system to protect MLS access. Really works. Probably if I did paypal, I'd do that.

Only problem I had with the MLS code key was leaving it in my office (I don't like a bunch of stuff in my pocket) so if I wanted to access the MLS from a computer outside my office and didn't have the key with me, I was out of luck.
 

Crenshaw

Flashlight Enthusiast
Joined
Sep 14, 2007
Messages
4,308
Location
Singapore
Thanks for chiming in on this - I'm pretty well versed in this aspect of cybercrime but it is the first time anyone had my name. I think I have some ideas of where it may have come from - (outside the U.S.) but they won't get any info from me. I actually was willing to try the address in my browser to see what happened because I not only run my browser in a Sandbox but have a number of other special programs to prevent any foul play while browsing and that's in addition to firewalls, anti-virus and anti-spyware programs.

Does anyone here use a PayPal security key? It's a small digital device PayPal sells that generates a new PIN about every 30 seconds so everytime you log in you'll enter a different PIN in addition to your password. It seems like a fairly good idea and for only $5 including shipping it can add a fairly strong layer of security. No monthly fees or any other charges either.

i want that, seems safer...5$ is a very small amount when compared to losing a bank account's worth because you bought something on bst....of course that sometimes happens because you actually bought something..:ohgeez:

Crenshaw
 

gorn

Enlightened
Joined
Aug 31, 2004
Messages
857
Location
The Big Valley, Calif. USA
Does anyone here use a PayPal security key? It's a small digital device PayPal sells that generates a new PIN about every 30 seconds so everytime you log in you'll enter a different PIN in addition to your password. It seems like a fairly good idea and for only $5 including shipping it can add a fairly strong layer of security. No monthly fees or any other charges either.

That is a great deal. I have the same type of security device to access my Sheriff's Office web page as an administrator. The security is as close to bullet proof as you can get. But the key fob sized device cost the Sheriff's Office $180, not $5.
 

1 what

Enlightened
Joined
Jul 6, 2007
Messages
617
Location
Australia
Hi BIGIRON (post#3)
Quote:
"I can probably afford better spam protection when I get my money from the Ethiopian princess."
:crackup::crackup::crackup:
 

js

Flashlight Enthusiast
Joined
Aug 2, 2003
Messages
5,793
Location
Upstate New York
Never, EVER, click on a paypal (or similar) link in an email. Always, ALWAYS, open a fresh browser window, and start with www.paypal.com (or whatever), and go to your account from there.

If someone calls or emails claiming to be this or that, assume they are not, and hang up, and go online and get a number from the website, and call them (if you have any doubts). You just never know. Scams are getting more and more sophisticated.

I had to do this just recently when I placed an order with www.cheapbatteries.com. I got an email from them saying my credit card info didn't go through, and to call a number. I called, and was half-way through the conversation (but hadn't yet given any info) when it hit me that I had no way to be sure whom I was speaking with. I apologized to the woman, told her I would call back and why, then hung up, got the number from the website, called back and . . .

. . . got the same woman again. LOL! But still, I was certain, then, that I wasn't giving my CC info to a scammer.

As for the security device, NEAT! I had heard about these but didn't know how it worked. Very cool.
 
Last edited:
Top