# Bogus Paypal E-mail



## goalcreas (Nov 20, 2006)

I just received what looks to me like a BOGUS E-MAIL from someone trying to get you to log onto a screen that looks exactly like Paypal login screen. This e-mail came to me at an e-mail address that is not tied to my paypal account, so that is my first "LOOK OUT"
2nd, I clicked onto their link, and it looked exactly like the Paypal, to the "T", but no security lock, and there is a bunch of extra text in the URL, so I opened the paypal site, and sure enough there is the security lock symbol and no extra text in the URL.

These guys did a good job. 
I reported it to Paypal and will let you know what happens, but I wouldn't follow any links to paypal for now, just type in the www paypal com and sign in that way.

here is the text from the e-mail

As part of our security measures, we regularly screen activity in the 
PayPal system. We recently contacted you after noticing an issue on your 
account.We requested information from you for the following reason:

Our system requires further account verification.

Case ID Number: PP-140-076-751

Please confirm your Paypal account,click the URL below:

http://www.paypal.cgi-bin.logginrun.cmdsystem.org/

This is a second reminder to log in to PayPal as soon as possible. Once 
you log in, you will be provided with steps to restore your account 
access.

Once you log in, you will be provided with steps to 
restore your account access. We appreciate your understanding as we work to 
ensure account safety.

In accordance with PayPal's User Agreement, your account access will 
remain limited until the issue has been resolved. Unfortunately, if 
access to your account remains limited for an extended period of time, it 
may result in further limitations or eventual account closure. We 
encourage you to log in to your PayPal account as soon as possible to help 
avoid this.

To review your account and some or all of the information that PayPal 
used to make its decision to limit your account access, please visit the 
Resolution Center. If, after reviewing your account information, you 
seek further clarification regarding your account access, please contact 
PayPal by visiting the Help Center and clicking "Contact Us".

We thank you for your prompt attention to this matter. Please 
understand that this is a security measure intended to help protect you and your 
account. We apologize for any inconvenience.

Sincerely,
PayPal Account Review Department

PayPal Email ID PP638

doesnt' sound like something that Paypal would do, if for any reason it is a good e-mail, I will post here, but I HIGHLY DOUBT IT


----------



## orlando (Feb 14, 2007)

Crap, keep us posted. Worried


----------



## turbomkt (Mar 31, 2004)

Actually...I think that one is real


----------



## goalcreas (Nov 20, 2006)

I wouldn't be worried unless you opened the e-mail, followed the link and input your username and password.

IF YOU DID

IMMEDIATLY SIGN ON TO PAYPAL BY TYPING IN THE ADDRESS IN YOUR WEB BROWSER AND
CHANGE YOUR PASSWORD.

while you are there, check your activity and if anything looks wrong, report it.


----------



## goalcreas (Nov 20, 2006)

turbomkt said:


> Actually...I think that one is real


did you follow the link and compare it to the real log on page?


----------



## turbomkt (Mar 31, 2004)

Oh...unless the link you provided was just in the text and isn't actually the link you are taken to when clicking inside the e-mail.


----------



## goalcreas (Nov 20, 2006)

Right, that link was in the e-mail and it does have signifigant differences from the REAL paypal site.

Mainly the golden padlock that tells you that you are on a secure site down in the bottom right of your screen next the the pic of the world and the word INTERNET

And the fact that there is a bunch of extra text in the address bar and followed by the .org


----------



## turbomkt (Mar 31, 2004)

goalcreas said:


> did you follow the link and compare it to the real log on page?


Sure did. Did you notice is uses SSL? The link in the post is legit, even if the e-mail had a redirect built in to another site.

For paypal phishing, I recommend looking here and here.


----------



## goalcreas (Nov 20, 2006)

For some reason, that copy pasted address does not take me to the same page that the one in the e-mail does.

http://www.paypal.cgi-bin.logginrun.cmdsystem.org/

This is what pops up in the address bar when I follow the link from the e-mail.

now see the difference.


----------



## turbomkt (Mar 31, 2004)

That's better. Definitely a bogus link 

My problem is I have received an e-mail very similar to that, and it was real. My account had been limited and I had to jump through hoops to get it back up.


As noted in my links, when you get an e-mail from paypal, you need to type in the address yourself rather than clicking any links.


----------



## goalcreas (Nov 20, 2006)

Well my main reason for suspicion was that this came to an e-mail address that was not linked to my Paypal account.

I never follow links unless it is from a known seller and it is to pay for a specific item that I know I have recently made an agreement to purchase.


----------



## Bert H (Mar 2, 2004)

Folks really need to be aware of the 'phishers' out there. I get about 1 one of those a week claiming to be from paypal, a bank, credit card company, etc. My e-mail throws them all into the 'junk mail' category automatically, and I just delete. Some of the spam is from banks or companies I have no dealings with.


----------



## goalcreas (Nov 20, 2006)

I too get alot of them, but this is the first one from Paypal that I had seen for quite some time, so I just wanted to warn people, there are plenty of people out there that still don't get this THREAT


----------



## goalcreas (Nov 20, 2006)

Just got the following e-mail from Paypal confirming it is a bogus e-mail.
Again, this is FYI, for those of you that are not aware of the tactics used by criminals trying to get your information.

Dear Mr. Wood,

Thank you for bringing this suspicious email to our attention. We can 
confirm that the email you received was not sent to you by PayPal. The 
website linked to this email is not a registered URL authorized or used 
by PayPal. We are currently investigating this incident fully. Please 
do
not enter any personal or financial information into this website.

If you have surrendered any personal or financial information to this 
fraudulent website, you should immediately log into your PayPal account 
and change your password and secret question and answer information. 
Any
compromised financial information should be reported to the appropriate 
parties.

If you notice any unauthorized activity associated with your PayPal 
transaction history, please immediately report this to PayPal by 
following the instructions below:

1. Go to https://www.paypal.com/

2. Click on the Security Center at the bottom of the page

3. Click on 'Report a Problem'

4. Select the Topic: Report Fraud

5. Select the Subtopic: Unauthorized use of my PayPal Account

6. Enter your question in the 'Summarize your question in one 
sentence' box

7. Click Continue

8. Follow the instructions to access the appropriate form

We are continually improving our customer service to accommodate 
members' needs and can be contacted via secure webform at 
https://www.paypal.com/wf/f=default.

If you are unable to log in to your account, please contact us using 
the
webform at https://www.paypal.com/ewf/f=default.

This email is sent to you by the contracting entity to your User 
Agreement, either PayPal Inc or PayPal (Europe) Limited. PayPal(Europe) 
Limited is authorised and regulated by the Financial Services Authority 
in the UK as an electronic money institution.


----------



## JanS (Apr 14, 2004)

I get them all the time and just forward them all to [email protected] then delete them.

The first big tip off that they're not real is if it doesn't start out with your real registered name, and just says "dear Paypal customer".

Paypal really wants to know about them, so it's best to forward all of them.


----------



## slickwillislim (Oct 11, 2005)

Thats pretty scary that site looks really good. The URL isn't that different. 

I thought it was cool that when I clicked on the link and the site popped up Firefox immediatly told me the page was a forgery. Thats great service for a free product. Man I love Firefox.


----------



## John N. (Dec 11, 2005)

I made the mistake, and I clicked on one of those 'phishing' emails, and entered my info etc. Less than a day later I had over $1000+ withdrawn from my account. Lucky for me, paypal locked my account for a few weeks and I got my money back.

Never will I click on a imbedded link from an email again. Ever since then I check for the little security lock on website, and the extra "s" next to http. 

-John N.


----------



## Laith (Sep 4, 2004)

When I clicked on the link in Firefox I got a message (I think from Firefox) warning that this was a bogus page...

Nobody else got that warning?


----------



## Naja002 (Nov 15, 2005)

*NEVER, Ever* click those links and fill in the information. Just go directly to the site that it claims to be from and log in to Your account (paypal, citi, ebay, etc, etc, etc).

Also, My browsers show the linked to address in the bottom right hand of the screen. I just put my curser over it and it shows instantly--no need to click anything.

If in doubt: Go log in to Your account directly!


----------



## LindaC (Nov 7, 2005)

I've received one of these emails a couple of months ago! They do look very authentic but the fact that I hadn't used Paypal in a while sent up a red flag and I went on to the site and realized that they were not looking for any further information from me. I ended up deleting the email but it came back to me again a couple of days later, I hit the reply key and wrote "give it up will you, your not getting any information from me" and that was the end of it, I didn't hear back from them again. 

I did notify Paypal and sent them a copy of the email and got a very similar response as you did. It's pretty scary.


----------



## John N. (Dec 11, 2005)

LindaC said:


> I've received one of these emails a couple of months ago! I ended up deleting the email but it came back to me again a couple of days later, I hit the reply key and wrote "give it up will you, your not getting any information from me" and that was the end of it, I didn't hear back from them again.


I was always told not to reply to any spam or phishing emails because it shows them your email account is active, and they'll keep you on the email lists. Not sure if this is 100% accurate, but it makes sense.

-John N.


----------



## Kelley (Aug 27, 2006)

These phishing scams are so authentic, it's scary. I got one of them that looked like a receipt from paypal saying I had bought a $500 Dell computer. I clicked the link and. Thank goodness our firewall here at the university saved me. I was still so panicked that someone had hacked my account, that I frantically ran down four flights of stairs to our IT guys who assured me that I was ok. (I love those guys! They are so patient with technologically-impaired biologists.  )


----------



## JanS (Apr 14, 2004)

I got one like that last year too. It said it was a receipt for my payment for buying a PS-3 or something like that, and it had a link at the bottom to click if you didn't make this purchase. Of course I never click on the links, so I went in through my normal route and there was nothing there, but they are indeed getting more and more high tech.

I've heard that same thing about never replying too John and it does make perfect sense.


----------

