Wednesday 9 April 2008

PayPal | Notification of Limited Account Access

Here's an email that apologises for being an inconvenience - if anyone falls for it, it will be a very big inconvenience.

It claims to be from PayPal following 'unusual activity' on the account. But it's not.

The target URL is http://static-68-179-55-98.ptr.terago.ca/paypal.com/managament/cgi/, terago.ca being the host of another recent PayPal phishing email. In fact, that one sent last week went to exactly the same destination URL. Presumably PayPal have not been able to get those pages shut down, or the site has been hacked again. Looking through the search results for the site, it does look to be an innocent victim.

Other indications that it's phishing: it was sent to 'undisclosed-recipients'. If this had really happened, it would have affected one email at a time, and PayPal would deal with it by contacting one member at a time. They would also not start off without an introduction using your name. And the sent time on the email is 6th April, 00:00, even though it was received at 07:45 on the 9th April. Someone has been playing with headers and forgotten to change them.

Lastly, PayPal would never ask you to click a link and then reveal your security details. If such action was required then they would be unlikely to email you (as your email could have been compromised - you do have different PayPal and email passwords, don't you???) and they would ask you to enter the PayPal address into your browser.
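
The header and link checks described above can be automated. This is an added example, not part of the original post: the sample message is constructed (only the To value, the two timestamps and the link come from the post), and the function name, indicator labels and one-day tolerance are assumptions.

```python
import re
from datetime import timedelta
from email import message_from_string
from email.utils import parsedate_to_datetime
from urllib.parse import urlparse

# Constructed sample modelled on the email in this post. Only the To value,
# the two timestamps and the link come from the post; the rest is assumed.
SAMPLE = """\
Received: from mail.example.net by mx.example.org; Wed, 9 Apr 2008 07:45:00 +0000
From: PayPal <sender@example.com>
To: undisclosed-recipients:;
Date: Sun, 6 Apr 2008 00:00:00 +0000
Subject: Notification of Limited Account Access

<a href="http://static-68-179-55-98.ptr.terago.ca/paypal.com/managament/cgi/">
Click here to verify your account</a>
"""

MAX_SKEW = timedelta(days=1)  # assumed tolerance between Date and Received

def phishing_indicators(raw, brand="paypal.com"):
    """Return the list of indicators from the post that this message trips."""
    msg = message_from_string(raw)
    hits = []

    # 1. Bulk mail: no individual recipient address in the To header.
    if "@" not in (msg.get("To") or ""):
        hits.append("no-named-recipient")

    # 2. Claimed send time (Date) far from when our server received it.
    received = msg.get_all("Received") or []
    if received and ";" in received[0] and msg.get("Date"):
        arrived = parsedate_to_datetime(received[0].rsplit(";", 1)[1].strip())
        claimed = parsedate_to_datetime(msg["Date"])
        if abs(arrived - claimed) > MAX_SKEW:
            hits.append("date-mismatch")

    # 3. Link host is not the brand's domain, but the brand appears in the path.
    for url in re.findall(r'href="([^"]+)"', msg.get_payload()):
        parts = urlparse(url)
        host = (parts.hostname or "").lower()
        on_brand = host == brand or host.endswith("." + brand)
        if not on_brand and brand in parts.path.lower():
            hits.append("brand-in-path:" + host)
    return hits

if __name__ == "__main__":
    print(phishing_indicators(SAMPLE))
```

The topmost Received header is the one stamped by your own mail server, so it is the only timestamp in the message the sender cannot set.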

Here's the content; the email is on its way to PayPal for them to sort.

Notification of Limited Account Access

As part of our security measures, we regularly screen activity in the PayPal system. We recently noticed the following issue on your account:

Unusual account activity has made it necessary to limit sensitive account features until additional verification information can be collected.

We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card.

Case ID Number: PP-071-362-996

Click here to verify your account

Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

If you choose to ignore our request, you leave us no choice but to temporary suspend your account.

Sincerely,
PayPal Account Review Department.

--------------------------------------------------------------------------------

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.

To receive email notifications in plain text instead of HTML, update your preferences here.


ref i - cmr