Warning Fake Paypal email

22
Found 6th Feb 2013
I just got an email from an account somewhere which was pretending to be PayPal.

The title was 'Confirm your new email address'

The sender was service@paypal.com, so it looked legitimate, the surprising thing was that it got delivered to my spam folder. Please read the first

comment where I have attached some pictures to explain how I found it to be fake. A useful tip I got from somewhere long ago that I have now

forgotten.
Community Updates
MiscPaypal
22 Comments
Original Poster
I COVERED ALL MY IP ADDRESSES AND MY EMAIL ADDRESS.

1. I right-clicked on the subject and selected 'View Full Header' (I use yahoo mail). In hotmail, this would be 'View message source'.

http://i50.tinypic.com/mu7pj7.png

In some, like Gmail, you would have to open the email first, not great.To learn how to do this in others, go here support.google.com/mai…454 . If yours still isn't among them I guess you could google it.


2. In the window that opens, you would see this. Notice the two things I underlined in red, those should ring the first alarm bells, return path is not to PayPal. The first underlining, in a normal PayPal email address, return path should be to something@paypal.com (or.co.uk) e.g service@paypal.com. The second underlining, in a normal PayPal email address, an IP address would be designated there.

http://i47.tinypic.com/2rmv3hf.png


3. I scroll down further and I see where the spammer tried to guess my email address by sending out emails to random addresses. For example if your email address was johnthedon@yahoo.com, it would have guesses like; johndon@yahoo.com, jendon2001@yahoo.com e.t.c I don't think those six was all it took to guess my email, but anyway that's all I saw.

http://i45.tinypic.com/2wohcv8.png


4. Scroll down further again, lastly you would see where the spammer pretended to be service@paypal.com .

http://i50.tinypic.com/30bnzts.png

It's called email phising: en.wikipedia.org/wik…ing - It was probably from the Wikipedia page that I discovered this method a while ago.

Another thing, I receive all my PayPal service emails from service@paypal.co.uk not service@paypal.com I would imagine you would only be

receiving service emails from one depending on where your account is registered, not both. That's a guess though, not a fact.

There is probably more, but that's all I know. I'm not too knowledgeable when it comes to email protocols. Hope it helps.

THE FIRST THING I DID BEFORE WRITING THIS UP WAS TO CHANGE MY PAYPAL PASSWORD, TWICE! Filled it with upper case, special characters, numbers...... (_;)

I may update this if I find more useful info
Edited by: "alababaju" 6th Feb 2013
Why o why do people fall for it ...Confirm email address was a clue when they emailed you......
Sigh
When you get an email from PayPal it will always start with..

Dear " your name "

Not "Dear customer" or anything like that.
Original Poster
daysleeper268

When you get an email from PayPal it will always start with..Dear " your … When you get an email from PayPal it will always start with..Dear " your name "Not "Dear customer" or anything like that.



Yeah, that too, thought this seems a good method if you want to find out if it's fake or not without opening the email at all.
alababaju

Yeah, that too, thought this seems a good method if you want to find out … Yeah, that too, thought this seems a good method if you want to find out if it's fake or not without opening the email at all.



Most of us online savvy people will know this but its good to post for people who may be less knowledgeable (Most of my family!) Can never have enough of these post's around imo so thanks.
I love the way you've explained it all op, well done

most sensible people with some scommon sense would never open an email from anyone asking to confirm something
gizmouk

Sigh



Why sigh? Was you born with an innate understanding of these things?
Banned
If your not tech savvy and you get a suspicious email from paypal....just forward it to spoof@paypal.co.uk and they will then clarify it's authenticity.
gizmouk

Sigh

Why sigh? Was you born with an innate understanding of these things?

Why sigh? Was you born with an innate understanding

Why sigh? Was you born with

Was you











Sigh.
nothing left in my account now anyway, just sent some to help the king of Nigeria out. once I get it back + the £60000 he promised, I shall read your advice so I don't get scammed
I get ebay spoofs all the time, oddly enough each one stupidly has different item numbers in the subject, message body, and the so called listing information, which give the game away every time.
Just had one with the subject line "URGENT ACTION REQUIRED"
from:- ssl@server209@paypal.co.uk

Sent to an e-mail address reserved for other purposes, not the one PayPal have and saying about 'recent' transactions. I haven't made any!

I've forwarded it, as per the address in #9 ((thank you slamdunkin) saved having to look it up). Also glad of this post, as it made me aware that some were currently doing the rounds. Handy if your mind is elsewhere sometimes. Thanks OP.
thx for sharing!!
Original Poster
gr8h8me

Why o why do people fall for it ...Confirm email address was a clue when … Why o why do people fall for it ...Confirm email address was a clue when they emailed you......



A lot of websites send an email to the address you registered with them, at time of registeration, where you have to click a link from that email to confirm that the address is yours else the account you are trying to register would not be validated. That's the ploy here I think.
RossD89

Why sigh? Was you born with an innate understanding of these things?



Well, I work for one of the biggest ISPs/Telcos in Europe
so - born, no.
Experienced - very

Edited by: "gizmouk" 7th Feb 2013
Pypal & Ebay don't need to send an email to scam/extort us. They just tell us they are doing it...and we let them.
wow, I get about 1 a day on my web email account, goes straight into junk folder with all the others with the exact same format just a different bank etc

thread required?

alababaju

I COVERED ALL MY IP ADDRESSES AND MY EMAIL ADDRESS.1. I right-clicked on … I COVERED ALL MY IP ADDRESSES AND MY EMAIL ADDRESS.1. I right-clicked on the subject and selected 'View Full Header' (I use yahoo mail). In hotmail, this would be 'View message source'.



And easier way of seeing where an email might have come from is by pasting the RP info here:
http://whatismyipaddress.com/trace-email

Might as in - there are ways to mask/spoof IP addresses

Edited by: "gizmouk" 7th Feb 2013
Thankfully I haven't been fooled by these scammers..... yet! I suppose the day will come. Just to let you know that recently I changed both ebay and Paypal email accounts due to a problem regarding gmail. When googlemail changed to just gmail some payments to and from paypal were not being recognized. It was the change from Googlemail to Gmail that was causing it. All sorted now BUT, I have noticed that since changing I have received NO spam what-so-ever! And, ebay and Paypal don't sell on your email addresses! Makes you wonder.
Thanks for letting us know, such a brand new scam could easily catch someone out.





oO
Edited by: "jonny619447" 7th Feb 2013
Post a comment
Avatar
@
    Text

    Top Discussions

    Top Merchants