Your PayPal Security Measures Inbox
Reply
Reply to all
Forward
Print
Add PayPal to Contacts list
Delete this message
Report phishing
Show original
Message text garbled?
PayPal Security <service@paypal-security.com> to me
show details 1:26 pm (4 hours ago)

Images are not displayed.

Display images below - Always display images from service@paypal-security.com





--------------------------------------------------------------------------------

Security Center





128-bit encryption

At PayPal, we want to increase your security and comfort level with every transaction. From our Buyer and Seller Protection Policies to our Verification and Reputation systems, we'll help to keep you safe.






We recently noticed an attempt to log in to your PayPal account from France, a foreign IP address and we have reason to believe that your account was used by a third party without your authorization.

If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. Therefore, if you are the rightful account holder, click on the link below to log into your account and follow the instructions.


https://www.paypal.com/cgi-bin/webscr?cmd=_login-run


If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.

If you received this notice and you are not the authorized account holder, please be aware th at it is in violation of PayPal policy to represent oneself as another PayPal user. Such action may also be in violation of local, national, and/or international law. PayPal is committed to assist law enforcement with any inquires related to attempts to misappropriate personal information with the intent to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that impersonators are prosecuted to the fullest extent of the law.

Thank you for your patience as we work together to protect your account.

Sincerely,
PayPal Account Review Department
PayPal, an eBay Company



--------------------------------------------------------------------------------
*Please do not respond to this e-mail as your reply will not be received.



I recently got this e-mail from paypal and was wondering if there is a way to tell if it is legitimate?

ignore the email, and if your account is suspended, its legit.

Just type in WWW. PAYPAL.com and go tou your account. If there is a problem, you'll know it. Change your password while your at it. NEVER use a link sent to you for EBAY, PAYPAL, VISA, IRS or anything else and always look for HTTPS instead of HTTP in the address bar. S is for security......

IT MAY BE FAKE! Sign in to paypal DO NOT USE THE LINK! then there you should have a message from them there. if not then its a scam.

forward all such paypal emails to spoof@paypal.com. Include a copy of the header as well. They will send you a email back telling you if it's real or fake.

Also, a Reap paypal / ebay email will have your name included in the begining. Those are the ONLY ebay, PP emails I check out.
Howdy

I got the same email today and starting wondering. Well now I will just ignore it.

Thanks for all the info guys.

I got a few of these messages / emails today. Here is how they went:

On 10/31/2007 2:43:00 PM, eBay (member@ebay.com) wrote:
[Image "eBay"]eBay sent this message
Your registered name is included to show this message originated from
eBay.
Learn more [link: ].
[Image]eBay New Message Received from Seller for Item #230175890457
[Image]

[Image][Image]
[Image][Image]
eBay member echokine has left you a message regarding your item
(#230175890457) on Mar-14-2007.


Thank you,
eBay
[Image]View the dispute thread
[Image]
[Image "Respond"] [link:
signin.ebay.com.ws.ebayisapi.dll.usingssl.yes.
signin.siteid.sessionid.mnbvcxzlkjhgfdsapoiuytrewq zxcvbn.candyocandy.
com/ws/eBayISAPI.dll?eBayISAPI.dll=username&value=0:US]


[Image]
Details for item number: 230175890457
Item URL: http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=230175890457
[link: signin.ebay.com.ws.ebayisapi.dll.usingssl.yes.sign in.siteid.

sessionid.mnbvcxzlkjhgfdsapoiuytrewqzxcvbn.candyoc andy.com/ws/eBayISAPI.
dll?eBayISAPI.dll=username&value=0:US]
End date: Friday, Mar 16, 2007 12:30:14 PDT
Quantity: 1
Dispute URL: http://feedback.ebay.com/ws/eBayISAPI.
dll?ViewDisputeConsole&DisputeType=1 [link:
signin.ebay.com.ws.ebayisapi.

dll.usingssl.yes.signin.siteid.sessionid.mnbvcxzlk jhgfdsapoiuytrewqzxcvb
n.
candyocandy.com/ws/eBayISAPI.dll?eBayISAPI.dll=username&value=0:US
D


Now quite a few things can be found that aren't right.
As they are listed in Bold:
#1 My name wasn't included.
#2 Anyone that knows anything about Ebay knows you can't go back 7 months ago for problems.
#3 Notice anything strange in this link?: [link:
signin.ebay.com.ws.ebayisapi.dll.usingssl.yes.
signin.siteid.sessionid.mnbvcxzlkjhgfdsapoiuytrewq zxcvbn.candyocandy.
com/ws/eBayISAPI.dll?eBayISAPI.dll=username&value=0:US]
** If you look closely it will be taking you to a spoof web site ( candyocandy.com )

So I sent that email to spoof@ebay.com.
They sent a quick reply:

Thank you for contacting us about a potential fraudulent (spoof) email
or Web site. We will investigate this situation immediately and inform
you of the results in a separate email. If you are reporting an email or
a Web site that is asking for personal financial information, it is best
to assume it is fake until you receive a response from us.

In order to reply as quickly as possible, we are sending you an
automated response about the following topics:

1. IDENTIFYING FAKE EMAILS AND WEB SITES
2. USING EBAY TOOLBAR WITH ACCOUNT GUARD
3. PROTECTING YOUR ACCOUNT AND INTERNET SECURITY

Please submit other questions or concerns through our Contact Us System,
which can be accessed by clicking on the "help" button on the top of any
eBay page. This allows us to dedicate our resources appropriately.

1. IDENTIFYING FAKE EMAILS AND WEB SITES
The best defense against fake emails and Web sites is learning how to
spot them. You can learn more about fake emails and Web sites through
our Spoof Tutorial at the following Web page:

http://pages.ebay.com/education/spooftutorial/

You can also use My Messages (located at the top of the My eBay page) to
detect Phishing emails. If an email from eBay affects your eBay account
or asks for personal information, it's now in My Messages. Any email
sent to your registered eBay email address from eBay that concerns your
account or requests personal information will now appear in My Messages.

2. USING EBAY TOOLBAR WITH ACCOUNT GUARD
One of the best tools to protect yourself from fraudulent (spoof) Web
sites is eBay Toolbar with Account Guard. The Account Guard feature
indicates when you are on an eBay or PayPal Web site and warns you if
you are on a known spoof site. To learn more about eBay Toolbar with
Account Guard open a new browser and type www.ebay.com/ebay_toolbar into
the address bar.

3. PROTECTING YOUR ACCOUNT AND INTERNET SECURITY
We recommend that you keep your browser, operating system, and virus
protection software up to date. Check for updates at the "Windows
Update" link on www.microsoft.com and scan your computer for viruses
often.

If you think your personal information has been compromised in any way,
you should take immediate steps to change your eBay, PayPal, and email
passwords. You should also contact your bank to see if there has been
any suspicious activity on your account. You can find more information
about protecting your identity at the following help page:

http://pages.ebay.com/help/confidence/problems-identity-theft.html

Thank you again for sending us your report. We appreciate your efforts
to keep eBay and PayPal safe.

Regards,

eBay Trust & Safety Team


Then 4 minutes after that they sent me this email:

Hello,

Thank you for writing to eBay regarding the email you received.

The email you reported didn't come from eBay.

Emails like this one are fakes, commonly referred to as "spoof"
messages. They're sent in an attempt to collect your personal or
financial information.

***Important***
*Never* reply to a spoof email or click on any links in the message.

If you ever receive an email that looks like it's from eBay about a
problem with your account or requesting personal information, check My
Messages first. If the email is genuine, a copy will also be found in My
Messages. You can also forward the email to spoof@ebay.com and we'll
investigate. Don't respond to the spoof email, or click any of the links
in the message. Please don't remove the original subject line or change
the email in any way.


To check My Messages:

1. Open a new Web browser and type www.ebay.com into the address field.
2. Click the "My eBay" tab at the top of the page and sign in.
3. Click the "My Messages" link on the left-hand side of the page.

Any email that eBay sends to you regarding your eBay account, and in
particular any message requiring you to take action on your account, can
be found in My Messages. My Messages will also contain information
about eBay policies or a possible suspension on your account, as well as
messages from Customer Support and correspondence from other eBay
members.


What to Do if You Think You Have Given Out Sensitive Information

If you think you may have entered personal information such as your
password, Social Security, or credit card information into a Web site
based on a request from a spoof email, you need to act *immediately* to
protect your identity. For detailed instructions about what to do now,
go to:

http://pages.ebay.com/help/confidence/problems-identity-theft.html

You might consider downloading the eBay Toolbar with Account Guard (it's
free!). Account Guard has an indicator that lets you know whether you're
on a real eBay or PayPal Web site, or on a known spoof (or "phishing")
site. It allows you to easily report fake eBay Web sites. And it has a
password notification feature that warns you when you may be entering
your eBay password on an unverified site.

To learn more about the eBay Toolbar with Account Guard, go to
www.ebay.com and click the "eBay Toolbar" link at the bottom of the
page.

Once again, thank you for alerting us to the spoof email you received.
Your efforts help keep eBay a safe and fair place to trade.


Regards,

eBay SafeHarbor
Investigations Team

__________________________________________________ ____________

I also got a paypal email like the first one in this thread:

Dear PayPal Member, This is your official notification from Paypal Management that the service listed below
will be deactivated and deleted if not renewed immediately. Previous notifications have
been sent to the Billing Contact assigned to this account. As the Primary Contact, you
must renew the service listed below or it will be deactivated and deleted.


Renew Now [links to 61.11.49.172/pin/index.html] your PayPal Online Account


SERVICE: PayPal Online Account Renew
EXPIRATION: October, 11 2007


Thank you for using PayPal.
We appreciate your business and the opportunity to serve you.

PayPal Management.


************************************************** ***************************
IMPORTANT PAYPAL MANAGEMENT INFORMATION
************************************************** ***************************

Please do not reply to this message. For any inquiries, contact Paypal Management .


Copyright © 1999-2007 PayPal. All rights reserved.


Notice the part I put in Bold: links to 61.11.49.172/pin/index.html that is another spoof paypal web site. It may look legit, but it's NOT!! Never, and I mean NEVER put in your username or password into a web page like that one.

Thie email will be forwarded to spoof@paypal.com and they will work to shut it down as well.

Hopefully these examples will help stop others from falling for it / them.
Howdy