Attention all users of Paypal. I just recently received an email from what looked to be a legit email from Paypal. the sender was support@paypal.com, it had all the symbols of a usual paypal email I get from them, and all but 1 link went to the real site. Then they provided a link that would take you directly to the update page. So I just hurridly clicked it, not looking to what the url of the link really was. It sent me to what looked almost 100% like the real site, but the url looked kinda funny, with an ip address with the first part, and some paypal crap for the second part. I shrugged it off, and proceeded to log in, which usually sends me to my paypal home page. Instead, it sent me to a page asking for all of my personal info, including credit card and checking account number. Red flag went up in my head, and I opened another window to the direct link for the main site, and started comparing them. It looked pretty much the same, except for one small link that should have been there on the fake page that was on the real. I proceeded to head back to my email from the supposed paypal people, and double checked the link, and it was to this weird site called http://www.scentfuldesigns.com/forum/addintry0.php. So I went back to the real site and immediately changed my password.

So if anyone receives an email asking to update your paypal information, don't do it.

i get those all the time

Yeah, Me too.

Way to be late.

Aw he was trying to be thoughtful.

Thanks for the heads up!

I get these often on my company e-mail and ignore them every time. The first time I was sent one I entered some pretty bogus and vulgar information into the fields and submitted it. Scammers suck.

I had three of these yesterday when I checked and at some point in the email it talked of my "Papal account."

Sometimes being anal about spelling comes in handy.

love it when you talk dirty

prevert

I got the same thing from Ebay. It had a link to something like customerinfo@ebay.com, but when you put the curser over the link, it showed an IP address.

I am so fucking careful about anything I get in email. Fucking scammers should be castrated.

I don't bother with links in emails. If the email purports itself to be from PayPal, I'll go directly to the PayPal site and check my account information myself.

Thanks for posting the information, though, hon. People do get sucked in by stuff like this and it's always good to have a warning when the scammers are acting up. :)

One of our fraud cases here at work is now over 30,000 cards - all that have been phished.

And you figure each card = ~$1,100 in average withdrawals before it's tossed..

$33,000,000

A good portion of those being paypal e-mails. Money being pulled from ATM's mainly in Romania.

I had this happen to me earlier this week, and I did not realize that it was a phish site until after I had submitted my credit card information (was mentally exhausted at the time).

So I immediately called my credit card, explained the situation, asked them to cancel the CC and send me a new one. Then I went to my CC site and changed the password, as well as my PayPal password.

I'm usually much more careful than that, but I messed up that time.

Anyhow, at least if the person(s) try to use the now-canceled CC, the CC company will know who they are? Hopefully some good will come out of that...

Legitimate sites don't send emails asking for your account information. They already have it, if you've given it to them. They'd have no reason to send you an email asking you to verify it. That would be done when you logged into the site, if it ever needed to be done at all.

That's why I always log into the site that purports to be asking for information. If they really want something, they will have directions on their site telling you what they want you to do. It's also important to change your password often on any site that has your credit card number or other personal (especially financial) data on you.

And if that's not enough:

Bank of America Corp. and Wachovia Corp. are among the big banks notifying more than 670,000 customers that account information was stolen in what may the biggest security breach to hit the banking industry. (http://money.cnn.com/2005/05/23/news/fortune500/bank_info/index.htm)

That's because you have to have a criminal record to work at Bank of America.

Wachovia offered me a job in one of their divisions... so I can't say anything too terrible about them. BoA is horrible though. CRIMINAL!

"Hero Hackers" shutting down fraudulent phishing websites (http://go.fark.com/cgi/fark/go.pl?IDLink=1502169&location=http%3A%2F%2Fuk.news .yahoo.com%2F050525%2F323%2Ffjrgo.html)