• Sharebar
Crime and Fraud
Wednesday, October 1, 2008
The site of fraud

PayPal, the Internet transaction intermediary, recently reported suspicious-looking emails and fake websites. Emails sent to members, purportedly from PayPal, request that they verify their details, noting that their account ‘has been compromised’.

However, this is all complete rubbish and should be ignored. Paypal says it would never send out such emails anyway. Indeed, we are often warned that legitimate financial institutions never request clients to ‘verify their accounts’.
Paypal pleads with members not to respond to any emails of this nature, and indeed to exercise caution when visiting ‘secure’ banking websites. It gives the following safety tips:
Safe Log In: To log in to your PayPal account or access the PayPal website, open a new web browser (e.g., Internet Explorer or Netscape) and type in the following: https://www.
Greeting: Emails from PayPal will address you by your first and last name or the business name associated with your PayPal account. Fraudulent emails often include the salutation “Dear PayPal User” or “Dear PayPal Member”.
Email Attachments: PayPal emails will never ask you to download an attachment or a software program. Attachments contained in fraudulent emails often contain viruses that may harm your computer or compromise your PayPal account.
Request for Personal Information: If we require information from you, we will notify you in an email and request that you enter the information only after you have safely and securely logged in to your PayPal account.

Often, fraudulent emails will request details such as your full name, account password, credit card number, bank account, PIN number, Social Security Number, or mother’s maiden name.
If you think that you have received a fraudulent email (or fake website), please forward the email (or URL address) to spoof@paypal.com and then delete the email from your mailbox. Never click any links or attachments in a suspicious email.

More security tips and fraud prevention from Paypal

Website Security. Type in the PayPal URL: To safely and securely access the PayPal website or your PayPal account, and type in the following: https://www.paypal.com/
Password Safety. Never share your PayPal password: PayPal representatives will never ask you for your password. If you believe someone has learned your password, please change it immediately and contact us.
Create a secure password: Choose a password that uses a combination of letters, numbers, and symbols. For example, $coo!place2l!ve or 2Barry5Bonds#1. Avoid choosing obvious words or dates such as a nickname or your birth date.
Keep your PayPal password unique: Don’t use the same password for PayPal and other online services such as AOL, eBay, MSN, or Yahoo. Using the same password for multiple websites increases the likelihood that someone could learn your password and gain access to your account.
Look for a PayPal Greeting: PayPal will never send an email with the greeting “Dear PayPal User” or “Dear PayPal Member.” Real PayPal emails will address you by your first and last name or the business name associated with your PayPal account.
Don’t share personal information via email: We will never ask you to enter your password or financial information in an email or send such information in an email. You should only share information about your account once you have logged in to www.paypal.com/row.
Don’t download attachments: PayPal will never send you an attachment or software update to install on your computer.
Don’t share your account: Don’t use your PayPal account to collect or transfer money for someone else. These types of activity are often conducted as forms of money laundering or mail fraud and may result in significant criminal penalties. If someone contacts you and asks you to transfer money on their behalf, you should deny the request and contact us immediately.
Increase your security: Become a Verified PayPal member.
Look for legitimate sites: Examine all privacy and security seals before doing business with a particular website and make sure they are legitimate.

Here is an example of a fraudulent email.
It carried a compressed zip file which, if opened, would have probably launched a virus, or started mining for security passwords and so on.
PayPal
src=http://images.paypal.com/en_US/i/scr/pixel.gif
src=http://images.paypal.com/en_US/i/scr/pixel.gif

Dear member,
As part of our security measures, we regularly screen activity in the PayPal system.
We have reason to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection. Please review the report that we have attached to this email to see who accessed your account and contact us promptly if anything is unusual.
Case ID Number: PP-854-512-134
 
Thank you for your patience as we work together to protect your account.
PayPal Account Review Department
PayPal Email ID PP2310

Very clever, isn’t it? But it is completely bogus.

Copyright © Insurance Times and Investments® Vol:21.9 1st October, 2008
601 views, page last viewed on December 5, 2019