So how many of you received the fake Paypal email.... I did.

I received it 3 times or so. On the third time, I did log on and almost completed the information but had a weird feeling. I was wondering why Paypal was requesting this info, when they already had it, and threatening to suspend my account when they had not done so to date? Three warnings and no suspended account. I looked up at the address bar and noticed that it did not say paypal. So I cancelled out. Later I saw the notification that this site was down due to this scam. Wow, that was close. As a precaution I did go to my Paypal account (the real one) and changed my password. No problem... thank goodness.

Did anyone get hit? If so, does Paypal assist in any way?

Thanks,

I haven't heard of anyone actually falling for it in our forum. I think the problem was well publicized and people were put on notice pretty quickly. Let's hope so anyway.

I closed my paypal account - that way, I'm safe. Never used it anyway.

I got suspicious when I realised I didn't have a PayPal account!

I changed my password.............did I do something wrong??.........paypal asked me to change it through an email I received........

RO1

I changed my password.............did I do something wrong??.........paypal asked me to change it through an email I received........

RO1

No, please don't tell us that!

I changed my password.............did I do something wrong??.........paypal asked me to change it through an email I received........

RO1

I think a quotation by P.T. Barnum goes here.

---Bob Gross---

I changed my password.............did I do something wrong??.........paypal asked me to change it through an email I received........

RO1
Yes - go to www.paypal.com (http://www.paypal.com) and check your account. It may well have been hijacked (and it still may be under the old password). Even if it seems normal, change your password again, but make sure you're at their real address. Don't use the link that shows up in an e-mail.

The hijackers are experts at faking addresses in e-mail to make it look like you're clicking the correct address.

I get those emails all the time, the funny part is that they send it to my normal email account and not the email accout that is connected to my payapl account, you can always tell by if it says: dear paypal user or dear-youremail, if it say your actual email then it might be good

I seem to get one from one bank or another on a daily basis and I ignore the lot of them, the Paypal one was "just another day at the scam hunt"

I signed on and when I saw what they were asking for. I signed off, went to my other Paypal address and changed my PW!!

Now I got a msg telling me I had won a new PC! :) Went right by that one, then I got a msg from the Netherlands saying I had won their lottery, I never entered :D It goes on and on..Scam scam scam!!!

MY MOTO
don't answer anything over the internet.

JZ

Well I was kinda suspicious about it because



I don't have a paypal account
The email address used to contact me is only used by this forum and one other place. I would never have used it for anything financial
So I am pleased to say I didn't "fall for it". I haven't seen any further spams coming in to that email address so I guess they didn't harvest the addresses.

I think it was legitimate as it sent me straight to the paypal site......

.......but I'll change my password anyways...........I checked my past activity and everything looks normal.

Ro1

I got the mail but was suspicious straight away, checked the from address and wasn't PP, sent Paypal a copy of the message and headers and they verified it was a scam. then, worst of all, this site went down

hope nobody got screwed up by it...

What you got is known as Phishing. They send you an e mail that looks nearly identical to to a bank, financial institution, or other supposed account that you have. Sometimes there are words that are misspelled. There is a link that you are supposed to use to update your information. NEVER RESPOND TO AN E MAIL REQUESTING THAT YOU PROVIDE CONFIDENTIAL INFORMATION. LEGITIMATE FINANCIAL INSTITUTIONS DON'T DO THIS. NEVER USE THE PROVIDED LINK. EXIT YOUR EMAIL AND GO TO YOUR INSTITUTION'S WEB SITE BY TYPING IT'S NAME IN YOUR BROWSER AND ACCESSING YOUR ACCOUNT INFORMATION. FOR MORE INFORMATION GO TO WWW.FTC.GOV (http://www.ftc.gov/) and do a search "phishing".
Scott

I clicked the the link in that email... and tried to log in... well with a username/password that consisted of a few words that aren't worth repeating here. I figure if they went through the time to make their scam, I would go through the time to "play along" :D

I got suspicious when I realised I didn't have a PayPal account!
Same here. :lol: I figured having my account suspended wouldn't matter since I didn't even know I had an account. :D Then I saw the notice on the board...

I was stupid enuf to believe that email.....

And felt that something was not right. Got to the paypal.com, changed my PW, fwd the email to PP for verification. called my credit card company to cancel the card... all at 1am !!!

what was I thinking off !! :mad:

I got suspicious when I realised I didn't have a PayPal account!
Same here.

I think it was legitimate as it sent me straight to the paypal site......

.......but I'll change my password anyways...........I checked my past activity and everything looks normal.

Ro1

I hope you're not serious, roanjoan. I'll bet you a jillion dollars that was NOT the real PayPal site. All they need to do is copy the graphics from the real one and put them on their dummy page.

And some of these things do more than just try to trick you into typing your password into an account. Some of the nastier ones install a keystroke tracer application on your computer, and a mail-bot to send what it finds to a remote location. It'll sit on your computer watching and waiting for you to browse to a bank site, for instance, and record your keystrokes as you log in to your account. When it thinks it's got enough, it'll send its goodies off to papa, and you're hosed. Big time.

If you haven't got it already, I recommend something like Ad-Aware, or SpyBot Search and Destroy. These programs search your hard disk and registry for signatures of known mal-ware, and will attempt to remove them. It's best to load them, get the latest updates, and then reboot into Safe Mode and run them.

..........OH ****!!!............now I'm getting kinda scared.

Ro1

Password Safety

Never share your PayPal password: PayPal representatives will never ask you for your password. If you believe someone has learned your password, please change it immediately and contact us (https://www.paypal.com/us/cgi-bin/webscr?cmd=_contact).
Create a secure password: Choose a password that uses a combination of letters, numbers, and symbols. For example, $coo!place2l!ve or 2Barry5Bonds#1. Avoid choosing obvious words or dates such as a nickname or your birth date.
Keep your PayPal password unique: Don't use the same password for PayPal and other online services such as AOL, eBay, MSN, or Yahoo. Using the same password for multiple websites increases the likelihood that someone could learn your password and gain access to your account.
Email Security

Look for a PayPal Greeting: PayPal will never send an email with the greeting "Dear PayPal User" or "Dear PayPal Member." Real PayPal emails will address you by your first and last name or the business name associated with your PayPal account. If you believe you have received a fraudulent email, please forward the entire email—including the header information—to spoof@paypal.com (spoof@paypal.com). We investigate every spoof reported. Please note that the automatic response you get from us may not address you by name.
Don't share personal information via email: We will never ask you to enter your password or financial information in an email or send such information in an email. You should only share information about your account once you have logged in to https://www.paypal.com/ (https://www.paypal.com/).
Don't download attachments: PayPal will never send you an attachment or software update to install on your computer
........quote from paypal........YIKES!!!

Ro1

I'm scr**ed!!

So I went back to my email account and opened the email I got>
It looked official - the paypal logo is there and etc.......

It then asked me to verify my account within the next 5 working days or else my account would be suspended. So I clicked on the (click to verify your account) icon and entered all the necessary data (at this time, I already forgot what I entered..........

So I pulled this email up again today and decided to reclick it.........this is where it sent me!!!

http://200.215.16.194/Agenda/

And on the bottom where it said click here to login to your account.....same thing!!! it sent me to the same non-working address.......

Now I am a bit scared.........I already changed my paypal password but I wonder if I should do something more.......

.........didn't know what information I gave out!!!

Now I learned my lesson!!! Man!!! I've been learning all these lessons!!! too much!!!

Ro1

First thing to do is contact your bank(s) and credit card companies to alert them to the potential. Also the credit bureaus (Equifax, Experian, I forget the third) to have them put a hold on releasing credit histories to anyone without first contacting you. Credit card companies will usually be more than willing to issue you a new card with a different number to replace the old one (which they'll instantly block) if you ask. Banks may be willing to do likewise; they'd need to know what check numbers they should allow through. You'll need to clean up all the existing direct-debit transactions you might have set up (mortgages, utilities, etc.) so they point to the new numbers.

I got an e-mail as well but have read the thread Pekka posted in the meantime and just disregarded the e-mail.

If you haven't got it already, I recommend something like Ad-Aware, or SpyBot Search and Destroy. These programs search your hard disk and registry for signatures of known mal-ware, and will attempt to remove them. It's best to load them, get the latest updates, and then reboot into Safe Mode and run them.I will do this ASAP!! Thanks!!

JON - thanks!! will do all your advice.

Ro1

I hope you're not serious, roanjoan. I'll bet you a jillion dollars that was NOT the real PayPal site. All they need to do is copy the graphics from the real one and put them on their dummy page.

And some of these things do more than just try to trick you into typing your password into an account. Some of the nastier ones install a keystroke tracer application on your computer, and a mail-bot to send what it finds to a remote location. It'll sit on your computer watching and waiting for you to browse to a bank site, for instance, and record your keystrokes as you log in to your account. When it thinks it's got enough, it'll send its goodies off to papa, and you're hosed. Big time.

If you haven't got it already, I recommend something like Ad-Aware, or SpyBot Search and Destroy. These programs search your hard disk and registry for signatures of known mal-ware, and will attempt to remove them. It's best to load them, get the latest updates, and then reboot into Safe Mode and run them.
I wonder if anyone is fast enough to even get close to the scammers. Online must be one of the un-safest places on earth. Just remember the quotes 'When there is any doubt, there is no doubt' and 'What you do online today can burn you tomorrow'.

Quote:
Originally Posted by roanjohn
I think it was legitimate as it sent me straight to the paypal site......

.......but I'll change my password anyways...........I checked my past activity and everything looks normal.

Ro1


I hope you're not serious, roanjoan. I'll bet you a jillion dollars that was NOT the real PayPal site. All they need to do is copy the graphics from the real one and put them on their dummy page. Actually - it WAS the real paypal site.

This was one of the nastier ones that installed a keystroke logger. So, even if you verify that the PP page was not a spoof, you are still toast as the logger watched you input your user/password combo. McAffee's firewall saw the logger and notified me.

Rad

Actually - it WAS the real paypal site.

..................................
So I was on the paypal site!!! is that true??

I seriously forgot what information they asked from me..........wish I could remember. In any case...........I did it through work.......and we have a pretty tough firewall............so hopefully it covered all my tracks.........hopefully............darn this people!!!

Ro1

I got suspicious when I realised I didn't have a PayPal account!

Exactly what I thought!!

I too got that "phony phishing" paypal email, as Scottberger calls it! What is it with these "bastards", why are they out to get us "mild mannered" photo people! All we do is take pictures that's all, and have a discussion about them!
I sent mail to "Pekka" and said " I wish we could send these people back a "Silver Bullet", which would penetrate the "hearts" of their servers, like they do to "vampires"? Those "viscious" people need to "EXTERMINATED", like "COCKROACHES"!!!!

... why are they out to get us "mild mannered" photo people! All we do is take pictures that's all, and have a discussion about them!

Don't take it personally, E.C. I read an article somewhere recently that said most of these phishing expeditions are done by orgainized crime gangs. It's what they do for a living.

Exactly what I thought!!

mee too! i didn't even look further when it said "your paypal account" because i never had one!!