Almost Fooled by PayPal Scam
I almost got fooled by another one of those PayPal “phishing” scams awhile back. Below is a screen capture of the email that I received. Notice how the “Who” indicates that it’s from “PayPal Customer Support” and the “Subject” line is “Security Notice No:15768″.
The scammers even included the warning:
PROTECT YOUR PASSWORD
NEVER give your password to anyone and ONLY log in at PayPal’s website. If anyone asks for your password, please follow the Security Tips instructions on the PayPal website.
Hmmm… nice scammers! Fortunately, the Eudora email software saved my bacon… again! When I cursored over the link in the email this pop-up appeared:
The actual host http://www.qd-race.com/images/.www.paypal.com/index.html?cmd=_login-run is different from the host https://www.paypal.com/cgi-bin/webscr/?cmd=_login-run
If your email software doesn’t do that, then it’s time to check the full headers within the email itself.
The headers within that particular email contained “From: Paypal Customer Support
However, the real story was further below:
X-AntiAbuse: Sender Address Domain – ns2.73dpi.com
X-SA-Exim-Mail-From: international-express@ns2.73dpi.com
Don’t get fooled!
Cheers ~ Ros
Want more info?
Rosalind Gardner is a Super Affiliate blogger, author, speaker, and Internet marketing consultant.
If you enjoyed this article and want to be notified the next time Rosalind writes something, subscribe to her RSS feed or the No-Hype, No-BS, No Spam NPT newsletter. You can also follow her on Twitter and Facebook. Thanks for visiting!
Related Posts
- Latest Scam Emails
- Thinking about Using a PayPal “Donate” Button on Your Blog?
- Credit Card Scam Warning
- Did you know that Bluehost accepts checks and Paypal?
- Affiliate Scam Alert: Bogus Merchants
Hi, Rosalind, I always check any emails from Paypal or any other payment processors, or banks.
Right click on email, click properties, then details, see if its really from them.
I never login to accounts via emails.
If something needs your attention, go directly to their site and login there, and check messages etc.
If you’re unsure if an email is from them contact them via their website.
Like most I get loads of these emails everyday but very rarely are they from Paypal.
Regards
Derek Pryde
Hello Derek, You’re absolutely correct and I think that the ‘never login to accounts from email’ is especially wise advice. Thanks
Ros
Recently I nearly got had by an email phishing scam purporting to be from Ebay.
The email said that there was a dispute and that I had failed to send out an item and that the registered complaint was being investigated.
Thinking more about the fact that I had not sold this particular item and worrying that I might get bad feedback, I clicked on the link and was taken to my ebay check in page.
It looked identical and I was about to “login” when my ebay toolbar popped up warning me that this was a dodgy site.
PLEASE make sure you warn your members about this. I was lucky to have the the ebay toolbar installed. Others might not be so lucky.
I never fall for these generally but it was so convincing. So, a warning to all…. TAKE CARE…
Lloyd
The only way to succeed, is to take action
Hi Rosalind,
There’s another way to know whether an email is really from Paypal or eBay. If you’ll notice the fake email that you received greets you as “Dear Paypal User”. Legitimate emails from Paypal and eBay always address you by your member name.
There ya go… another good tip for ferreting out the scammers. Thanks, Sharon! ~ Ros
Hi Roz: Sharon is right except that they address you by your real name – the one you were given at birth. Your user name, according to Paypal and eBay, is your signin or login name. The s*c*a*mers have no way of knowing your real name unless they have bought from you or sold to you. Just wanted everyone to have the real skinny. Murray