# PayPal Fraud?



## csonni (Feb 8, 2001)

Just received this notice from PayPal, strangely enough, after making a transaction with someone just days ago. Looks like someone is trying to get $800. I signed in and requested a refund. Has anyone had this happen before? I have the site for which the payment was made. Would that help identify the culprit? Kind of scared me. Should I expect this again? I'm thinking of cancelling out my account.

Dear PayPal member,

Our department of security was informed that on the 12-02-2007 a transaction for the sum of 800$ ,was initiated from your account.

We have reason to believe that this is a suspect transaction.

You can cancel this transaction by signin in the link provided by this automated mail.

However, if this is a transaction that was initiated by you please igonre this mail.


----------



## switch (Mar 17, 2004)

Wow, that is scary. At least you know that Paypal is secure because they were able to track suspicious account activity. I would definitely change login info.


----------



## ehMax (Feb 17, 2000)

csonni said:


> Just received this notice from PayPal, strangely enough, after making a transaction with someone just days ago. Looks like someone is trying to get $800. I signed in and requested a refund. Has anyone had this happen before? I have the site for which the payment was made. Would that help identify the culprit? Kind of scared me. Should I expect this again? I'm thinking of cancelling out my account.
> 
> Dear PayPal member,
> 
> ...


Be very carefull... the email may very likely be the scam. Never sign into Paypal via a link from an email, always go to the URL yourself.


----------



## cloudniner (Oct 21, 2006)

*PayPal Scam*

This happened to me a last year.

I would agree to never use a link in an email. Make absolutely sure that the URL has 'https' and not just 'http', also make sure the lock is locked.

Hope this turns out okay for you!

RSN


----------



## csonni (Feb 8, 2001)

Oops. I should have waited for word from ehMac members before confirming the refund. I entered some very personal data in haste. The link was only http (no s). Now I have opened pandora's box.


----------



## csonni (Feb 8, 2001)

Here is what the link brought me to. I was foolish enough to send the info in avoiding any unneccesary charges. Any idea what to do with this?


----------



## csonni (Feb 8, 2001)

Would it be best to close my PayPal account and start a new one? My login is/was secure (locked), but now I'm worried about unauthorized transactions, never mind identity fraud/theft with the numbers I entered!


----------



## MacDoc (Nov 3, 2001)

You better contact your financial institutions - you've been had big time.
You are now just about completely vulnerable to identity theft.


----------



## darkscot (Nov 13, 2003)

Don't walk, RUN! That's your total identity there! Good luck!


----------



## da_jonesy (Jun 26, 2003)

That doesn't look right. I am not aware of any Visa PayPal deals... the ads are causing me to be suspect.


----------



## em_a_bee (Jul 31, 2006)

I got an email once from "paypal" and I didn't trust it so I went on to the actual paypal webpage ( not from any link within the email) and contacted their fraud department. They told me explicitly that ANY email paypal would ever send to a customer would be addressed directly to you with your full name. They said any email addressed to "Paypal Member" is fraud. If I were you I would contact their fraud department and your banks immediatly.


----------



## Moscool (Jun 8, 2003)

Yup, time to change ALL your logins/passwords and go to identity theft help websites...

Oddly enough I received the same thing today having completed a couple of transactions. Not sure if it is connected. In any case, here are three ways of checking suspiscious emails:

- institutions will typically personalise the email - including PayPal
- Hover over any link: the yellow box will show the URL. If it's fake, you will get a server number, followed by a web address which is actually only a sub-page from that server. So it could look like: http://212.223.232.1/www.paypal.com/verifysecurity. If you see this, it's definitely a scam
- Even if the message passes the first two tests, leave the email and log in directly into the account...


----------



## dona83 (Jun 26, 2005)

Call every financial institution, credit card companies, and also Transunion (1-800-663-9980), Equifax (1-800-465-7166) noting to put a flag on your credit report for possible identity fraud.


----------



## HowEver (Jan 11, 2005)

One of the warnings stated by PayPal (and eBay) when you sign up is that they will ONLY contact you using your real name, _i.e._, NEVER "Dear PayPal Member," ever.

That said, "Dear Mr. YourReal NameHere" doesn't make any message legitimate, but anything else is definitely not from PayPal or eBay.

Also, eBay includes this every time: "eBay sent this message to YourReal NameHere (eBayname).
Your registered name is included to show this message originated from eBay. Learn more" and "Learn more" provides an explanatory link.


----------



## HowEver (Jan 11, 2005)

Call 'em all.




dona83 said:


> Call every financial institution, credit card companies, and also Transunion (1-800-663-9980), Equifax (1-800-465-7166) noting to put a flag on your credit report for possible identity fraud.


----------



## sammy (Oct 12, 2002)

I recieved this very same message on Thursday or Friday. My wife went ballistic and forbid me from ever doing any online transactions again. In Firefox, the link actually opens with a warning stating the site appears to be a phishing scam. I calmly explained this to my better half, and now I'm just on probation.


----------



## dona83 (Jun 26, 2005)

HowEver said:


> Careful. It may be enough to change your passwords if no damage has yet been done. Otherwise you risk having loans cut off, credit cards inaccessible for months until the company is satisfied that you are who you say you are, bank accounts closed and not being able to re-open them...


The damage has been done, he's posted every bit of his identity post haste, he NEEDS to contact these places. This flag will NOT cut you off from loans, close bank accounts, etc. they will simply be cautioned to asked even more questions to confirm your identity. Credit cards will probably give a new card number and prompt for a new maiden name as well as give a new PIN number if you had one. This will definitely not ruin his credit history unless he does not act immediately.


----------



## jhollington (Jan 29, 2007)

Changing the passwords may or may not be enough, since the original form (as shown by the user) asked for a credit card number, drivers license number, and "social security number"... That information is all that somebody needs to start getting all sorts of nasty things done in your name, and your passwords for online services and even your _existing_ accounts are the least of your concern at this point.

The only saving grace may be that since you're presumably Canadian, they may not be set up to undertake identity theft based on a Social Insurance Number or Newfoundland Driver's License  However, I wouldn't count on this as any sort of protection, since that information will allow them to open up _new_ loan accounts in your name, which you could still be held liable for. If you have a very good credit rating you're at an even higher risk in this regard.

There have been recent cases in Toronto where criminals have taken out _mortgages_ on other people's homes without their knowledge. One person actually had his house foreclosed on by the bank for missing his mortgage payments for a mortgage that he never signed for.

I'd suggest checking out the Canadian Government's Page on Identity Theft as a first step for some advice on how to proceed.


----------



## dona83 (Jun 26, 2005)

Exactly, this is serious. Could even go as far as changing your drivers license and SIN number, I would not take this with a grain of salt... you have too much to lose and the person who has your ID has everything to gain.


----------



## John Clay (Jun 25, 2006)

Also, PayPal will NEVER ask for your ATM PIN code. Call PayPal, have your account frozen. Then call and cancel anything and everything you entered on that page.


----------



## ehMax (Feb 17, 2000)

csonni said:


> Here is what the link brought me to. I was foolish enough to send the info in avoiding any unneccesary charges. Any idea what to do with this?


Oh my word... please tell me you didn't.  

If you did, you need to act very quickly. Call Credit Card Companies and put a hold on action. Also, report to RCMP. I would call and speak to someone there and seek additional advice, you will most likely be told to contact other people to have things cancelled / reset.


----------



## CanadaRAM (Jul 24, 2005)

You don't have a choice: You must inform your charge card companies and banks as soon as you know your info has been given out. Otherwise, YOUR FRAUD PROTECTION CAN BE VOID from the time you found out that it had been acquired and didn't report it.

In other words; you are on the hook for the charges, even if fraudulent, if you know the PIN or account or password is out there and you choose to delay reporting it.


----------



## ehMax (Feb 17, 2000)

I found this link which may be useful.


----------



## John Clay (Jun 25, 2006)

This, too, should be of use:

http://www.rcmp.ca/scams/index_e.htm#1
https://www.recol.ca/intro.aspx?lang=en (linked to by above)


----------



## vacuvox (Sep 5, 2003)

csonni, I am sorry this has happened to you - and I hope that quick action will prevent disaster.

one more thing to add... we can forward or redirect all phishing mail of this type to [email protected] (I'm not sure how effective they are at dealing with these scams but at least it keeps them aware).


----------



## csonni (Feb 8, 2001)

Trying to sort out who to call. I did cancel out my credit card number. Driver's license number will have to wait until they're open in St. John's tomorrow. I am really feeling violated here. The repercussions from all this can be too much to bear. The only thing that brings me a bit of peace in all this is that my american ss number is not linked to any US driver's license, nor a US address. I imagine anyone could take someone's name and eventually, by luck, hit on their SS number with lots of time to waste. I contacted the RCMP and they said until there is an actual case of fraud to report, they can do nothing. I am wondering how many credit card companies to call on this. As many Canadian and US as possible? It's so hard to know where to begin. How embarrassing.


----------



## HowEver (Jan 11, 2005)

I missed that he filled in all those bits of information on the posted graphic. Ay carumba! Yes, please do notify everyone, every card, agency and institution.

Perhaps you've saved somebody else from this danger too.

Given the millions of messages they send every day, these scammers are bound to hit our actual email accounts with real-looking letters. Sad to see they hit one of ours.


----------



## jhollington (Jan 29, 2007)

Unfortunately, many of these sites talk about what to do if you already _have been_ a victim of identity theft, not what to do if you simply think you're at risk.

I think a key point for the sake of _prevention_ would probably be to call your bank manager and get in touch with the major credit bureaus, as others have suggested. Changing credit card numbers and account information is one thing, but many criminals steal identity for the purpose of opening _new_ accounts with that information in order to secure loans under your identity. In the end, you end up on hook for the loan that somebody else ran off with, and have a hard case of proving that you weren't the person who took it out in the first place.

Since all credit checks go through a central set of credit bureaux, it should be possible for them to put some form of flag on your file indicating that credit checks for loan and other financing applications should be reviewed more carefully when they come through. This can be even simpler if you're not planning on taking out any new loans or credit cards any time soon.

Does Newfoundland use an electronically digitized photo ID on the provincial driver's license? One of the classic problems in Ontario before they went to the digitized photo ID was for people to easily obtain fraudulent driver's licenses by showing up with appropriate identification and claiming they had lost their original photo card. Digitized photo ID stored in the computer has at least taken care of this little loophole.


----------



## MannyP Design (Jun 8, 2000)

Here's a tip to save you trouble--never treat *any* e-mail as being completely legit. If a bank, credit card co. or paypal want to notify me of anything, they do so at their web site, or by snail mail--_not_ via e-mail.

If you're worried or aren't sure if it's a scam e-mail go to the company's web site by way of entering their address manually (ie www.paypal.com for instance), and not by way of clicking the e-mail link.


----------



## garf1108 (May 30, 2006)

Hi

An example of phishing - Firefox often warns you of suspicious sites

Cheers and good luck


----------



## csonni (Feb 8, 2001)

Who to call right now is a bit confusing, due to the information I released. I did not give out my Canadian SIN number, but rather, my American SS number. The Canadian data I did give was my credit card number and driver's license number. I did file a credit alert with one place so far. I'm assuming this fraudulent email came from the States. All they would have on my is my SS number. All they would have here in Canada is my license and credit card number, of which is now cancelled. No bank account info was given. PayPal was notified and my password was changed until the recent transaction goes through. They cannot close it out until it does. So, with this information, do I actually need to contact all credit card companies? If so, how many are there? Where do I begin?


----------



## dona83 (Jun 26, 2005)

I would say changing your drivers license number would be good, as well as your SIN number, your major concern is them opening say a $500,000 mortgage under your name. The less correct information about you they have, the less likely they'll be able to open this mortgage. You called Equifax or Transunion but you need to call them both as they are independent credit agencies.


----------



## kastytis (Oct 24, 2006)

csonni said:


> Oops. I should have waited for word from ehMac members before confirming the refund. I entered some very personal data in haste. The link was only http (no s). Now I have opened pandora's box.


Contact Paypal and tell them lest ye olde bank account be depleted. Check your accounts from which paypal debits, because if you gave out all that info, you are SOL.

Last week I got a similar sort of scam e-mail purporting to be form Paypal. It said such and such transaction for a digital camera on e-bay was suspect, etc. It looked really good. Reallllly good. Very slick. But then I don't open URLs from any e-mail. Never. Nada. Not when they're looking for such personal info.

Seriously, get in touch with Paypal and your bank. Check to see if funds are missing.


----------



## csonni (Feb 8, 2001)

What would my SIN have to do with this ordeal? That was not given out.


----------



## dona83 (Jun 26, 2005)

yea you're right, I was just thinking worst case scenario if they could somehow track your SIN number based on the info you gave them "Hi CRA, I lost my SIN card and don't know my SIN number..." they're missing some crucial information like place of birth, they'll actually need your birth certificate which requires your mom and dad's place of birth, etc....


----------



## lindmar (Nov 13, 2003)

omg, I cant believe people are falling for this still


----------



## gordguide (Jan 13, 2001)

I too would be concerned about the Social Security Number. Contact the relevant US authorities and see what they say; I realize that it's much more casual about SSNs there but certainly it's something to consider.

If you are lucky, the worst that will happen is some illegal immigrant uses your SSN to get work. But, it's a problem; armed with that they can do a change of address, start having stuff sent to their mail drop, etc. Almost all ID can be "build" by starting with a SSN and an address. Most states have ID Cards that are issued by the DMV but are not Drivers Licenses (because Photo ID is needed to do almost anything in the US). From there, a Bank Account can be opened, and so on.

If you have an SSN then you can have a US Credit Report, or one could be opened in your name in the future. I would see what I could do about monitoring that as well.

By the way, for future reference, Canada suggests you do not carry your SIN card with you, that you NEVER use it as a form of ID, and that you need not give it out to anyone except your employer, your tax man and certain government agencies. You do not even need to give it to your bank, although they are authorized to ask for it.

Most businesses are not allowed to ask for it by law, although the law is widely ignored. However, (and poor people or young people without credit cards, for example, are often victims of this) if you voluntarily offer it, they can accept it and they can record it. It's common for some businesses (BlockBuster, etc) to post a sign stating what is "acceptable ID" or something to that effect, and list the SIN card there. In this manner, they do not actually ASK for it, which for them would be illegal.

DO NOT OFFER your SIN as ID, and tell your kids to never do that either.

In some cases it's required for income tax purposes (ie opening an RRSP) but feel free to check with the Government of Canada first to see if you are required to provide it (never mind whether someone can ask you for it; most cannot but you still can refuse to provide it in many cases even if they are allowed to ask).

UPDATE:

I just had another look at the webpage you posted. Each line on that page is like a piece of a puzzle, and some are like a key that opens more doors to fraud.

First of all, did you post the ATM PIN? If you did, according to all my Credit Card Member Agreements, you are 100% liable for all fraud on the account. They are only liable if you keep that secret.

The 3 or 4 digit security code for your CC is the means to verify that a physical card is present, because it's not printed on the card's embossed areas nor is it present on the magnetic stripe area. With that number, they can order online, and they can manufacture a fake card that will work on ATMs.

Secondly, they ask for your Mother's Maiden Name. This is a dead giveaway that they plan to open a bank account, obtain a loan, or obtain a secured Credit Card in your name.

The secured Credit Cards are small time fraud; a few thousand dollars. They are granted easily, because you pay one or three hundred dollars, and that is your credit limit. What the scammer will do is pay the balance off quickly with a rubber cheque that also includes "more" money so as to increase the balance. He then spends that amount, sends in another rubber cheque, etc, until the card is disallowed. In this way it's easy to run up 2 or 3 thousand dollars before the cheques start to bounce enough to kill the account.

Because they are low risk (all your customers are essentially lending you money at zero interest, while agreeing to pay you interest should they go over the limit) they are trivial to get; in many cases you can walk into a Western Union or PayDay loan office and walk out with the card.

With your SSN, your Mother's Maiden Name, and your DOB they can open any account and apply for any credit in the US. Be vigilant.

Be especially careful of small, seemingly innocent transactions. They are checking to see if the card or account is valid.

On the good side, hopefully these guys are so successful that you have a little time to fix things, due to the sheer number of people they are targeting. It's possible that your Canadian address & US SSN combo might throw them off, although if they know their business, it won't and may even be considered more valuable, since they may feel you will be less likely to check US Credit Bureaus.

By far the most valuable names they have are those that will still be good in a month or three. Still, that doesn't mean someone won't be trying to use the info today; it's just a little less likely than if they stole the same info from your mailbox.


----------



## green_ears (Feb 26, 2005)

I got a similar email this morning. If you actually CUT & PASTE the link into a browser, you will see that the URL is completely different than the text describing the link:

http://212.76.76.11/www.paypal.com/index.html

Whatever you do, DO NOT LOGIN TO PAYPAL VIA THE LINK ABOVE OR THE ONE IN THE EMAIL!!!

It is meant as a spoof site to scare you into login in and given the thiefs your login ID and password.

PayPal clients beware...

P.S. I have already forwarded the suspect email message to the PayPal scam investigation account: [email protected] If you have similar emails, I strongly suggest that you forward them to this address as well to let them know.


----------



## vapour (Feb 18, 2003)

*Forward your email to paypal*

Forward the original email to paypal at: [email protected]

Also contact paypal and make sure that they are aware of the situation.


----------



## gordguide (Jan 13, 2001)

Comparing the spoof with the genuine reveals some interesting things:

Most of the links on the first page of the fake work, and many go to genuine Paypal pages. Had you clicked on some of the links, before you entered any information, ironically you might be OK as they are true PayPal pages, with the correct https addresses.

It appears (I haven't checked every single link, though) that only the first page of the fraudsters site goes to the fraudsters, unless of course you login. Then you are going to fraud info collection pages, and I would guess they'll let you fill out to your heart's desire all the info you would like to give them.

If you go to a genuine Paypal site, there are no unsecured Paypal pages anywhere, even the start page is https (secure); on the fake site the first page is regular http.

The template seems a bit old, the graphics are dated somewhat compared to the current PayPal layout, the fake says "Join now, over 71 million accounts" while the genuine boasts 100 million.

The fake has "Powered by Sun"; the genuine has "Secured by Verisign".

I logged into the fake Paypal site using made up info; naturally if it were a real PayPal site, it would give me an error. Instead, with eMail and Passwords:
[email protected]
peterisapirate
... I was sent straight to a site with a realistic login countdown (5 seconds exactly) and then to a page asking to verify my credit card data. It uses a verification algorythm, because Peter I Pirate's credit card, which I made up, was not accepted. Oh well. I probably should have used genuine country codes (first four digits) but I can't be bothered.

So I went to the "send money" tab. I was sent to a genuine PayPal page, that asked me to log in again, and when I did, properly told me it had never heard of [email protected]. Which is how it should be.


----------



## robert (Sep 26, 2002)

The more work you do now to notify/change things, the less work you might have to do down the road.

Good luck.


----------



## green_ears (Feb 26, 2005)

Got this reply from the folks at PayPal:

"Thank you for taking the time to contact [email protected]. The email you
reported was not sent by PayPal and is a phishing (fraudulent) email. 

-------------------
What to do Next
--------------------
Delete the phishing email. If youve already responded to the email, 
please log in to your PayPal account and perform some important safety 
measures.

1. Go to your Profile and change your password and security questions.

2. Review the payments listed on your Account Overview. 

If you notice a payment that you dont recognize, visit the PayPal 
Security Center to file a claim. Well promptly investigate any 
suspicious transactions and you wont be held liable for unauthorized 
payments sent from your account. 

-------------------------------------
Visit the PayPal Security Center
-------------------------------------
In the new PayPal Security Center youll find fraud-fighting tips, 
tools, and technology.

Youll learn:
* Ways to stay safe online
* How to spot fake emails
* What to do if you suspect unauthorized activity in your account

Youll also find tools to help protect against identity theft: 
* Equifax credit alerts: Receive notifications about activity on your 
credit accounts 
* eBay Toolbar: Download a toolbar that warns you when youre on a 
potentially fraudulent web site

-------------------------------------
Safeguard Your Account
-------------------------------------
Phishing emails often try to get your attention by telling you that 
theres a problem with your account. 

One way to figure out if an email is really from PayPal is to open a new
browser and log in to your PayPal account. Any important information 
about your account will be displayed once you are logged in. 

------------
Thank You
-------------
By alerting us to this phishing email, youre taking an active role in 
keeping the PayPal community safe. Users like you are our greatest 
partners in combating spoof. 

Well use the information you provided to work with law enforcement to 
shut down the fraudulent website. 


Sincerely,

PayPal

************************************************************************
Remember, PayPal will never ask you for your password in an e-mail. 
There are no exceptions to this policy. If someone claiming to be from 
PayPal asks you for your password in response to an e-mail, you should 
refuse to provide it and contact us. To contact PayPal, go to the PayPal
Help Center and click the "Contact Us" link.


************************************************************************
This
email is sent to you by the contracting entity to your User Agreement, 
either PayPal Inc or PayPal (Europe) Limited. PayPal (Europe) Limited is
authorized and regulated by the Financial Services Authority in the UK 
as an electronic money institution.
***********************************************************************"


----------



## csonni (Feb 8, 2001)

Got that too. I have filed a credit alert with one of the US agencies (transunion) and the automated system said the other 2 would be notified. I will call Social Security tomorrow during hours. I'm the fool on this one. I was caught at a moment of being tired and not wanting to deal with a scam on my paypal account, while at the same time, I was had. Can you believe I even knew not to give those numbers out? I think the thing that tricked me was that I thought PayPal was Stateside and therefore needed that info to verify my identity. That's how anxious I was to stop $800 from going through. Thanks for all your advice and direction. I wouldn't have known where to begin. I think my trust for others has just gone down several notches. I still can't believe this happened to me.


----------



## kloan (Feb 22, 2002)

Yup, it sucks. I fell for it once, back a few years ago... but nothing ever happened.

Phishers should be shot, or at least castrated.


----------



## csonni (Feb 8, 2001)

Kloan- that's a bit of assurance for me.


----------



## Macaholic (Jan 7, 2003)

Make sure your ATM PIN is CHANGED. These dicks can fabricate a bank card with your numbers, magstripe and all. You giving them your PIN means they can clean out wads of cash if you have it in there. Like, a couple grand a day in point-of-sale debit transactions, and about a grand (or more) cash out of ABMs.

Very sorry to hear this


----------



## DrewNL (May 23, 2005)

Well it looks like http://212.76.76.11/www.paypal.com/index.html is officially gone now. I hope a cop knocked on someone's door about it.

About a year ago I had my wallet stolen. In my house we're so paranoid and careful about electronic fraud, but not as astute when it comes to locking car doors! Anyways, there was nothing in my wallet except my SIN card and my birth cert. I knew this was enough, so I called a good friend who works for a fraud dept. I got myself added to equifax and trans u watch lists and as far as I know I've been safe...although when I get home from work in the morning, I'll be pulling a credit report. y'all made me nervous again.


D


----------



## kloan (Feb 22, 2002)

Keep in mind, when they send these emails out, they're sending them to millions of email addresses. It depends on how many people actually fall for it and fill out the forms, but they may never go through all of them... it's little comfort I know, but there's a chance they may never even find yours.

As long as you take all the steps and change as much info as you can, they'll skip it and go onto the next unsuspecting victim.


----------



## csonni (Feb 8, 2001)

I've closed out my bank account linked to PayPal, cancelled credit card, changed ATM PIN and online password and notifed Experian, Equifax and Transunion for credit fraud alerts (some through voice mail- I'd better check on that to confirm). Not much I can do with my info in the States. The damage has been done. I'll keep an eye on my credit history. I may subscribe to the service that requires fees. I have a question about these phishing emails. I've deleted it and emptied my Mail trash, but could there be something on my system that is tracking all keystrokes when I log into my online banking with my new password? If so, how do I rid this bug?


----------



## Macaholic (Jan 7, 2003)

csonni said:


> I have a question about these phishing emails. I've deleted it and emptied my Mail trash, but could there be something on my system that is tracking all keystrokes when I log into my online banking with my new password? If so, how do I rid this bug?


I'd be surprised if there was something on your *Mac* doing this -- not that it can't happen, but it won't be easy for someone to do it (I believe).

I dunno, you could try this I guess:
http://www.versiontracker.com/dyn/moreinfo/macosx/31189
rather new, little used out there (according to VT's download stats), no user comments...

Or, you peruse these options:
http://www.versiontracker.com/php/s...search&str=trojan&srchArea=macosx|osx&x=0&y=0


----------



## Chuck (Oct 17, 2003)

I put the ip address in to http://www.ip-adress.com/index.php
Showed up as Saudia Arabia.


----------



## HowEver (Jan 11, 2005)

Oh, oh, Al Qaeda has his info!

(Sorry csonni if this poor attempt at levity is misplaced.)


----------



## optical (Dec 31, 2006)

"Dear PayPal member,

Our department of security was informed that on the 12-02-2007 a transaction for the sum of 800$ ,was initiated from your account.

We have reason to believe that this is a suspect transaction.

You can cancel this transaction by signin in the link provided by this automated mail.

However, if this is a transaction that was initiated by you please igonre this mail."

With a message this poorly written (Lots of spelling errors, punctuation errors, etc) I have no doubt that it's a foreign website.


----------



## csonni (Feb 8, 2001)

Yeah, after it is all said and done, I now look back at all that and think how could I have fallen for that. I now realize that I responded so quickly because I had just made a PayPal transaction and the fraud email was so timely. I never thought of second-guessing it. It even had the Verisign security symbol. All too smooth.


----------



## dona83 (Jun 26, 2005)

Live and learn.


----------



## HowEver (Jan 11, 2005)

At least we were all given pause. I paid for something by PayPal this morning for all of $6 US but I scrutinized all the details--even though it was a self-initiated purchase and all the follow through was from my end. Of course, my main scrutiny came since this transpired on a PC (work).

Safari doesn't allow phishy URLs in the URL box, no?


----------



## csonni (Feb 8, 2001)

Chuck- I just clicked on that link and my community came up. How might I had my IP address?


----------



## Kosh (May 27, 2002)

dona83 said:


> Live and learn.


So true. I had received a phishing email once, too. It didn't ask for as much info as csonni's, though. Man, what a phishing email. ATM PIN number is a bit of a tip-off, though, but I probably wouldn't have noticed that until I got to that field on the form. You're not supposed to give your ATM PIN number to anyone, not even the banks. A bank employee will not even ask for your PIN number.

I'm still waiting for that day that I find a suspicious transaction on my credit card. Haven't seen one yet, and I have started using the credit card a little more now, online.

I feel for you Csonni, my Mom had her purse stolen once, and she had to go through everything you went through. It's not fun.


----------



## HowEver (Jan 11, 2005)

whatsmyip and similar websites will do that for *everybody* who visits them.

In fact, websites have been collecting IP addresses since the dawn of the web.

This one does it, it's not that big a deal here. It would be if they were visible to everyone, or if you got stalked by a web administrator. Which is extremely unlikely as it is on most sites.

Unless you use an anonymizer, expect every website you visit to be tracking you.




csonni said:


> Chuck- I just clikced on that link and my community came up. How might I had my IP address?


----------



## Kosh (May 27, 2002)

HowEver said:


> Unless you use an anonymizer, expect every website you visit to be tracking you.


Actually they're tracking your IP which can be useless, if you use an ISP that uses DHCP to hand out IP addresses. Your IP in this case is dynamic, one day it's one IP, the next it's another IP.


----------



## vapour (Feb 18, 2003)

I find that I get phishing emails shortly after I legitimally use paypal or ebay. I guess somehow they monitor traffic and then do blanket email.


----------



## HowEver (Jan 11, 2005)

Given how many billions of spam messages get mailed every day... this may be a case of something being fresh in your mind and therefore seeming like a coincidence, no?




vapour said:


> I find that I get phishing emails shortly after I legitimally use paypal or ebay. I guess somehow they monitor traffic and then do blanket email.


----------



## dona83 (Jun 26, 2005)

CSonni, give us an update, how are things?


----------



## green_ears (Feb 26, 2005)

Wow! What's up with all the PayPal frauds these days?! I just got a different second PayPal fraud email saying my credit card number is on two different accounts and I should contact the "Resolution Center" ASAP. The "Resolution Center" link is pointing to this different SCAM site:

http://61.104.85.109/www.paypal.com/cgi-bin/webscr_cmd=_login-run/


Once again, I've submitted it to [email protected]

Funny thing is the 2006 copyright on the bottom of the email, they need to update their scam machine's content! LOL

BEWARE GUYS!


----------



## green_ears (Feb 26, 2005)

Surprise surprise!

"Thank you for taking the time to contact [email protected]. The email you
reported was not sent by PayPal and is a phishing (fraudulent) email. "


----------



## csonni (Feb 8, 2001)

My update- I have not seen any fraudulent behavior with any accounts of mine. With saying that, I did cancel out my bank account linked to PayPal, cancelled my credit card, changed my ATM PIN, notified the 3 credit bureaus in Canada as well as the States for credit fraud alerts, called our department of motor vehicle (of which they said nothing needs to be done) and with the most major item, Social Security, I have not done a thing. After searching around, there seems to be nothing you can actually do apart from changing your number which is both difficult and potentially complicating for your future. In 3 months I will do a credit check with all 3 bureaus to see if there is any suspicious activity going on. Basically, this whole ordeal was like a slap upside the head. It has been quite a moral/spiritual lesson as well. We talked about it as a family around the dinner table, of how our individual choices and decisions can be so far reaching. I must say I'm a bit more paranoid with things relating to the internet, etc. Thanks for all the input. If anything transpires from my hasty mistake, I will post.


----------

