Pages in topic:   [1 2] >
PayPal yet again: kosher or new phishing ploy?
Thread poster: Parrot

Parrot  Identity Verified
Spain
Local time: 23:28
Member (2002)
Spanish to English
+ ...
May 26, 2007

PayPal has always been adamant about us not believing any notices that did not have our personal names in the message, but today I received two emails marked "PayPal" with my name on it.

The return address was "phishy" to say the least and looked like (xxx)@email.paypal.es

The message is that PayPal Europe is moving from the UK to Luxemburg starting 2 July, and I can imagine that afterwards new emails will be forthcoming (which might be phishing mails). There was a link in the mail that I haven't clicked on, purporting to explain new policies.

I have a practice of copying the headers of such mails and forwarding them to a true PayPal address along with the email for verification, and PayPal always respond, but never immediately (something like a 4-day gap is more realistic).

In the interim, I'd like to know if anyone else has received such a message and managed to have it verified by PayPal, since this would seem to concern all mainland European accounts.

If not, I'll keep you all informed in this thread.


Direct link Reply with quote
 

Luisa Fiorini  Identity Verified
Italy
Local time: 23:28
Member
English to Italian
+ ...
I received it May 26, 2007

Hi Parrot,

I received the same email this morning but since I am new to paypal (I have always received payment by bank transfer, also from outsourcer outside Europe) I don't know how to have it verified by paypal.


Direct link Reply with quote
 

Capesha  Identity Verified
Local time: 23:28
Member (2006)
English to German
+ ...
I received the same May 26, 2007

I also received this email. I did not yet checked or verified it and did not think abuot phishing or fraud.
Let's wait and see,if others are also concerned?


Direct link Reply with quote
 

Raffaella Panigada  Identity Verified
Switzerland
Local time: 23:28
Member (2007)
English to Italian
+ ...
Me too May 26, 2007

Hi, I received the same message this morning but haven't had the time to check it out yet. It does look like the real thing, but unfortunately you never know...

Raffaella


Direct link Reply with quote
 

Sylvain Leray  Identity Verified
Local time: 23:28
Member (2003)
German to French
Me too May 26, 2007

In French and with a .fr reply address.
And it doesn't look too phishy to me, since it does not require to click anywhere or to "interact" in any way, like the usual junk does (there is only one link, which I did'nt click)...

[Modifié le 2007-05-26 12:03]


Direct link Reply with quote
 

Parrot  Identity Verified
Spain
Local time: 23:28
Member (2002)
Spanish to English
+ ...
TOPIC STARTER
Sylvain May 26, 2007

When the sender's name includes something like 6d5sbxztb.fc4f@ , my alarms blow up. They sound like those people selling pirated software or Viagra.

Luisa, if you have a valid Paypal account that you're sure is all there and kosher, log in and look for the local e-mail address to report phishing ploys. The one for Spain is correos_falsos@paypal.es . It should be similar for Italy.

On copying headers: click on the email, right-click and select "Properties". The second tab will show you the headers. Copy with right-click or ctrl-C. Paste with ctrl-V.

HTH.


Direct link Reply with quote
 

José Henrique Lamensdorf  Identity Verified
Brazil
Local time: 20:28
English to Portuguese
+ ...
What PayPal advises May 26, 2007

Parrot wrote:
PayPal has always been adamant about us not believing any notices that did not have our personal names in the message, but today I received two emails marked "PayPal" with my name on it.


Most of the phishing schemes falsely using PayPal's name start with "Dear User", or "Dear Customer". However this doesn't prevent scammers to invade mailing lists and getting your name AND your e-mail, and therefore being able to put it there. Spammers and friends who send jokes openly "To:" a list of several dozen (or hundred!) people help them a lot.

Parrot wrote:
The message is that PayPal Europe is moving from the UK to Luxemburg starting 2 July, and I can imagine that afterwards new emails will be forthcoming (which might be phishing mails). There was a link in the mail that I haven't clicked on, purporting to explain new policies.


I don't recall if PayPal says that so explicitly, but I NEVER click on any link on a message from PayPal nor from any other sender pretending to be PayPal (or Ikobo, Moneygram, Moneybookers - any money-related site). If the message shows some likelihood of being kosher, and they tell me to do something in my account, I log in normally at their site and try to do it... but never through links, even if they swear on their knees that these are good, and that it won't work on their site. I know that if it's real, it will.

Parrot wrote:
I have a practice of copying the headers of such mails and forwarding them to a true PayPal address along with the email for verification, and PayPal always respond, but never immediately (something like a 4-day gap is more realistic).


Just forward the whole message as-is to spoof@paypal.com. You'll get confirmation in a matter of minutes. So far I only got confirmation that all messages I fwd'd them were phonies.


Direct link Reply with quote
 

Elena Bellucci
Local time: 23:28
Member (2003)
English to Italian
+ ...
log to you profile May 26, 2007

I never click on anything in possible phishing mails and never answer, I usually go and have a look at the source site. Since I received the same message I logged into my account to check amd file a spoof note if necessary. I could see that the content of the mail appears on a screen after you log in into your personal PP account so I would think this is a real message.

Direct link Reply with quote
 

Yolanda Broad  Identity Verified
United States
Local time: 17:28
Member (2000)
French to English
+ ...

MODERATOR
Paypal "spoof" address for immediate responses from them May 26, 2007

When I get what appears to be a phishing message purporting to be from Paypal, I *forward* it the following address:

spoof[at]paypal.com

Paypal responds within minutes to let me know whether it was a phishing message or something they'd sent.

To assist Paypal in tracking down the sender, I always *expand* the message headers before forwarding. There's some very helpful information on how to expand headers in various e-mail browsers here:

http://pobox.com/fullheaders.mhtml


Direct link Reply with quote
 

Wolf Kux  Identity Verified
Brazil
Local time: 20:28
Member (2006)
German to Portuguese
+ ...
Redundancy May 26, 2007

Dear Parrot:

on the honest airlines and on the honest train transport industry they have a so-called "redundancy concept", which could be distilled as:

every important action that can be taken, or important indicator or information to be shown / transmitted must be represented at least twice. On airplanes for the pilot and for the co-pilot. So you can see 2 independent compasses, 2 independent artificial horizons, and so on.

On brazilian iron-ore minig trains, which comonly run with 5 to 6 tandem locomotives and 200 or more iron ore freight cars, every order transmitted to the machinist is recorded, and the machinist has to repeat the received order. If he is in doubt, or responds incorrectly he is instructed again until he understands the order correctly. The trail commands have 2 interlaced networks, one on the trail ground, the other using microwave on hills. If one fails, the the other works, if the 2 network fail, then all trains stop.

So, when I get noticed by anything related to paypal, I first always look at all "click here" web addresses, but I never click on them. After this, I open www.paypal.com portal to find out exactly the same notice. If I did not find it out, I simply do not consider this notice. So I think I do my own redundancy check.


Best Regards!


Direct link Reply with quote
 

Angie Garbarino  Identity Verified
Local time: 23:28
Member (2003)
French to Italian
+ ...
This message (or similar) is inside my Paypal account too. May 26, 2007

Parrot wrote:
The message is that PayPal Europe is moving from the UK to Luxemburg starting 2 July, and I can imagine that afterwards new emails will be forthcoming (which might be phishing mails). There was a link in the mail that I haven't clicked on, purporting to explain new policies.


Yesterday I entered my Paypal account and I read that starting from July 2, Paypal Europe will be managed by a new Company

Are you sure the message we (yes me too) received is phising?

Yes I never click any link, always check in my Paypal account for possible news.

have a nice week end!

Angio


Direct link Reply with quote
 

Parrot  Identity Verified
Spain
Local time: 23:28
Member (2002)
Spanish to English
+ ...
TOPIC STARTER
DON'T TOUCH ANYTHING !!! May 26, 2007

Here's the response from "correos falsos" (Spanish version of spoof):

Dear [Me],

Thank you for warning us about this e-mail. We can confirm that the e-mail you received was not sent by PayPal. The website URL in this e-mail is not a registered URL authorized or used by PayPal. Right now we are investigating this incident in-depth. Do not enter any personal or financial information into this website.
****

It continues with the usual instructions of what to do if you have already entered data.

So now you know. Careful!!



Direct link Reply with quote
 

Parrot  Identity Verified
Spain
Local time: 23:28
Member (2002)
Spanish to English
+ ...
TOPIC STARTER
Angio... May 26, 2007

I don't have any problems with message content. It's the source we have to be careful about.

These messages are dangerous: in their links, instructions or whatever else they may contain or lead to.

I'd also like to know about any new policies they have, if any. But I'm not just going to click on any old link sent by X for that

Have a good one yourself!


Direct link Reply with quote
 

Samuel Murray  Identity Verified
Netherlands
Local time: 23:28
Member (2006)
English to Afrikaans
+ ...
What am I missing? May 26, 2007

Parrot wrote:
PayPal has always been adamant about us not believing any notices that did not have our personal names in the message, but today I received two emails marked "PayPal" with my name on it.


If you receive anything from PayPal that you're unsure of, simply visit the PayPal web site (by typing in the URL manually), log in to your account, and see if there are any special messages for you. If so, respond. If no, don't do anything. In both cases, delete the e-mail. What am I missing?


Direct link Reply with quote
 

Fan Gao
Australia
Local time: 09:28
Member (2006)
English to Chinese
+ ...
No action necessary May 26, 2007

I got one a couple of weeks back saying something about there'll be a new Luxembourg company, but it was highly uninteresting and at the end it said there was nothing that I needed to do so I just ignored it. If there was anything "phishy" going on, they would want you to do something!
Mark


Direct link Reply with quote
 
Pages in topic:   [1 2] >


To report site rules violations or get help, contact a site moderator:


You can also contact site staff by submitting a support request »

PayPal yet again: kosher or new phishing ploy?

Advanced search







Déjà Vu X3
Try it, Love it

Find out why Déjà Vu is today the most flexible, customizable and user-friendly tool on the market. See the brand new features in action: *Completely redesigned user interface *Live Preview *Inline spell checking *Inline

More info »
Anycount & Translation Office 3000
Translation Office 3000

Translation Office 3000 is an advanced accounting tool for freelance translators and small agencies. TO3000 easily and seamlessly integrates with the business life of professional freelance translators.

More info »



Forums
  • All of ProZ.com
  • Term search
  • Jobs
  • Forums
  • Multiple search