Phishing attempt on Paypal account

General comments and chit-chat, or tell us how we can improve KiasuParents.com

Phishing attempt on Paypal account

Postby sembgal » Sun Jun 08, 2014 11:11 am

I got an email from "paypal" telling me I sent a payment for $215 to Blahan International AG. I've never heard of the company before and definitely did not pay for anything. The email said it may take time for the transaction to show in my account. It made no sense. Because I do not have a Paypal account in the first place!! They want me to log in through their fake Paypal page to ask me key in all my personal details like Name, email address, password, etc. sounds scary right.

So I did a google search and realised it was a phishing attempt. I forwarded the email to spoof@paypal.com for the abuse department to take action.

It even gives a message to recipient which is something like "lamps for Hugh from XYZ place."

This doesn't seem legit at all. It doesn't even look like the normal paypal email receipt.


Here is reply from Paypal after I reported the phishing attempt.


Thank you for being a proactive contributor by reporting
suspicious-looking emails to PayPal's Abuse Department. Our security
team is working to identify if the email you forwarded to us is a
malicious email.
Paypal Will Always:
- Address our customers by their first and last name or business name of
their PayPal account
Paypal Will Never:
- Send an email to: "Undisclosed Recipients" or more than one email
address
- Ask you to download a form or file to resolve an issue
- Ask in an email to verify an account using Personal Information such
as Name, Date of Birth, Driver's License, or Address
- Ask in an email to verify an account using Bank Account Information
such as Bank Name, Routing Number, or Bank Account PIN Number
- Ask in an email to verify an account using Credit Card Information
such as Credit Card Number or Type, Expiration Date, ATM PIN Number, or
CVV2 Security Code
- Ask for your full credit card number without displaying the type of
card and the last two digits
- Ask you for your full bank account number without displaying your bank
name, type of account (Checking/Savings) and the last two digits
- Ask you for your security question answers without displaying each
security question you created
- Ask you to ship an item, pay a shipping fee, send a Western Union
Money Transfer, or provide a tracking number before the payment received
is available in your transaction history
READ!
Any time you receive an email about changes to your PayPal account, the
safest way to confirm the email's validity is to log in to your PayPal
account where any of the activity reported in the email will be
available to view. DO NOT USE THE LINKS IN THE EMAIL RECEIVED TO VISIT
THE PAYPAL WEBSITE. Instead, enter www.paypal.com into your browser to
log in to your account.
What is a phishing email?
You may have received an email falsely claiming to be from PayPal or
another known entity. This is called "phishing" because the sender is
"fishing" for your personal data. The goal is to trick you into clicking
through to a fake or "spoofed" website, or into calling a bogus customer
service number where they can collect and steal your sensitive personal
or financial information.
We will carefully review the content reported to us to certify that the
content is legitimate. We will contact you if we need any additional
information for investigating the matter. Please take note to the
security tips provided above as they may help to answer any questions
that you may have about the email you are reporting to us.
Help! I responded to a phishing email!
If you have responded to a phishing email and provided any personal
information, or if you think someone has used your account without
permission, you should immediately change your password and security
questions.
You should also report it to PayPal immediately and we'll help protect
you as much as possible.
1. Open a new browser and type in www.paypal.com.
2. Log in to your PayPal account.
3. Click "Security and Protection" near the top of the page.
4. Click "Identify a problem."
5. Click "I think someone may be using my account without permission."
6. Click "Unauthorized Account Activity."
Thank you for your help making a difference.
Every email counts. By forwarding a suspicious-looking email to
spoof@paypal.com, you have helped keep yourself and others safe from
identity theft.
Thanks,
The PayPal Team

sembgal
KiasuGrandMaster
KiasuGrandMaster
 
Posts: 2944
Joined: Tue Apr 28, 2009 11:36 pm
Total Likes: 39


Re: Phishing attempt on Paypal account

Postby sembgal » Sun Jun 08, 2014 11:16 am

Here is another email that the legitimate Paypal sent to me after I report the go phishing attempt.

Thanks for forwarding that suspicious-looking email. You're right - it
was a phishing attempt, and we're working on stopping the fraud. By
reporting the problem, you've made a difference!
Identity thieves try to trick you into revealing your password or other
personal information through phishing emails and fake websites. To learn
more about online safety, click "Security Center" on any PayPal webpage.
Every email counts. When you forward suspicious-looking emails to
spoof@paypal.com, you help keep yourself and others safe from identity
theft.
Your account security is very important to us, so we appreciate your
extra effort.
Thanks,
PayPal
This email is sent to you by the contracting entity to your User
Agreement, either PayPal Ince, PayPal Pte. Ltd or PayPal (Europe) S.à
r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:
5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118
349.

sembgal
KiasuGrandMaster
KiasuGrandMaster
 
Posts: 2944
Joined: Tue Apr 28, 2009 11:36 pm
Total Likes: 39


Re: Phishing attempt on Paypal account

Postby ChiefKiasu » Sun Jun 08, 2014 12:08 pm

Good move, sembgal. Phishing is happening all the time. We need to be alert and help by letting the service provider know of any suspicious behavior.

Speaking of which, have you guys changed your Amazon.com account password yet?

ChiefKiasu
Site Admin
 
Posts: 15221
Joined: Mon Sep 03, 2007 9:16 am
Location: Singapore
Total Likes: 319


Re: Phishing attempt on Paypal account

Postby ngl2010 » Sun Jun 08, 2014 12:18 pm

Yup. Changed the Amazon password, PayPal password and other sites where I used the same password.

Do you think we should change the SingPass password due to the recent breach?

ngl2010
KiasuGrandMaster
KiasuGrandMaster
 
Posts: 6033
Joined: Tue May 24, 2011 2:03 pm
Total Likes: 68


Re: Phishing attempt on Paypal account

Postby limlim » Sun Jun 08, 2014 6:41 pm

Gotten Phishing email before. Wanted to forward to paypal but not sure where to email to. Thanks for sharing the info.

limlim
KiasuGrandMaster
KiasuGrandMaster
 
Posts: 6623
Joined: Mon Aug 02, 2010 9:43 pm
Total Likes: 102



Re: Phishing attempt on Paypal account

Postby kiasu--carer » Wed Jun 11, 2014 5:15 pm

So many data breaches these day. Reminder to change Ebay password ASAP!

kiasu--carer
OrangeBelt
OrangeBelt
 
Posts: 43
Joined: Sun Dec 16, 2012 1:29 pm
Total Likes: 0


Re: Phishing attempt on Paypal account

Postby sembgal » Sat Jun 21, 2014 11:53 pm

Another phishing attempt from fake Paypal.

Be WARNED! Here's the email.




You are receiving this notification because you have elected to receive email notice of all PayPal Policy Change Notices.You must login or your data account will removed from PayPal System.

PayPal recently posted a new Policy Update. You can view this Policy Update by logging in to your PayPal Account. To log in to your Account, Click Here Go To PayPal and enter your member log in information. Once you are logged in, look at the notifications section on the top right side of the page for the latest Policy Updates.

If you need help logging in, go to our help center by clicking the help link located in the upper right-hand corner of any PayPal page.

Sincerely,
PayPal

I just reported it to the legitimate Paypal.

sembgal
KiasuGrandMaster
KiasuGrandMaster
 
Posts: 2944
Joined: Tue Apr 28, 2009 11:36 pm
Total Likes: 39



Return to Recess Time