Epinions.com 
Join Epinions | Help | Sign In   

HomeMember CenterWriter's Corner: Technology Non-Fiction

Read Advice   Write an essay on this topic. 

Beware PayPal and Ebay Scams!!!

Aug 20 '05 (Updated Oct 08 '05)

The Bottom Line If a surprise email sends you to a link that asks you for any sensitive information, even if the site looks real, don't do it!

Yesterday, I received the following email:

You have added dechukiat@yahoo.com as a new email address for your PayPal account.

If you did not authorize this change or if you need assistance with your account, please contact PayPal customer service at:

https://www.paypal.com/us/wf/f=ap_email

Thank you for using PayPal!
The PayPal Team

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the header of any page.

--------

I was concerned so I went to the link and was "redirected"
to another website. Red flag #1. Why the "redirection"?

The website looked exactly like PayPal's website, But the url showing in my browser just didn't seem right. Red flag #2. The url looked strange.

And then I was told I had been randomly selected to have some of my account information "confirmed." The first thing they asked for was my credit card number and expiration date.

That was enough.

I backed out of this website and started over, logging into my PayPal account. I sent an email to them, asking if the email I received was authentic.

Then I did some reading at both Ebay and PayPal. It turns out that this sort of scam is fairly common, and it's called "spoofing" or "phishing." Someone who wants to capture your credit card or other information sends you an email that directs you to a site that is designed to resemble an authentic and familiar site. Then they ask you for information Ebay or PayPal (or whomever) would not ask you for.

I read somewhere that the famous African Scams have a hit rate of approximately 1/10 of 1%. That sounds low, but if they send their SPAM to 1,000,000 people, that's 1000 victims. I don't know what the hit rate is for phishing, but the email I received was fairly convincing. The writing was flawless, and the faux-websites looked pretty much like the real deal.

If you receive such an email, DO NOT provide the information requested at the website you've been directed to.

Back out and log on to the real website. Forward the email you received to them so they can investigate. Do not add any text to the forward. At PayPal the address for forwarding the scam email is spoof@paypal.com. At Ebay, it is spoof@Ebay.com.

I did this and also sent a separate email to PayPal, asking about the email I had received. The next morning, I received an email from PayPal, confirming that the email I had received was not from them. Some of the text from that email included the following:

Thank you for contacting PayPal. We appreciate you bringing this
suspicious email to our attention.

Commonly referred to as phishing, these emails are sent by fraudsters in
an attempt to collect sensitive personal or financial information from
the recipients. PayPal takes phishing threats seriously. Our fraud
prevention specialists are working 24/7 to help protect you and enable
the community to stay safe.

After review, we can confirm that the email you received was not sent by
PayPal. Any website which may be linked to this email is not authorized
or used by PayPal.

Our fraud prevention team is working to disable any website linked to
this email. In the meantime, please do not enter any information into
this website. If you have already done so, you should immediately log
into your PayPal account and change your password, as well as your
security questions and answers. We also recommend that you contact your
bank and credit card company immediately.

--------

Fortunately, I didn't enter any sensitive information beyond my PayPal password. I changed my PayPal password once I realized what was going on, just in case the scam artists might capture that information and try to use my account to launder money or something along those lines. But that's about it.

I gather this kind of email is common now, so many reading this may have already had experiences similar to the one I describe. I've received literally hundreds of African Scam emails, but this was my first experience with one like this.

Please pass this on if you have friends who are internet-naive or maybe just a little too trusting.


Comments on this Review
 Read all comments (12)
 Write your own comment
Horswispr

Epinions.com ID:
Horswispr
Horswispr is an Advisor on Epinions in Electronics, Musical Instruments
Horswispr is a Top Reviewer on Epinions in Electronics, Musical Instruments
Epinions Most Popular Authors - Top 100
Location: Hwy 101
Reviews written: 453
Trusted by: 404 members
About Me:
"When a man don't use good judgment, it's the innocent who pay." --James King


Help | Member Center | Message Boards | Site Rules | User Agreement | Privacy Policy | Site Index | Topic Index  
About Epinions | Careers | Contact Epinions | Advertising  

Epinions | Shopping.com | Rent.com | Free Classifieds | Price Comparison UK

Shopping.com Network © 1999-2009 Shopping.com, Inc. Trademark Notice

Epinions.com periodically updates pricing and product information from third-party sources,
so some information may be slightly out-of-date. You should confirm all information before relying on it.