WARNING ebay and paypal spoof emails

A question about : WARNING ebay and paypal spoof emails

This thread is intended as a warning about spoof emails knows as 'phishing' mails that purport to be from ebay or paypal and which are designed to get users to reveal their details to a third party.

These emails are very common but are equally easy to spot and all tips are wecome. Basically this is what ebay have to say on the subject:

https://pages.ebay.co.uk/help/confide...eft-spoof.html

This is important to remember:

If eBay requests information from you, a copy of that email will be in the My Messages box in My eBay. You can submit the requested information using My eBay.

This is what paypal have to say about these emails:
https://www.paypal.com/helpcenter/ma...513&isSrch=Yes

The first thing to look at when you get an email you are not expecting is how it is addressed. Ebay and paypal will always use your real name as registered with them, so any mail that starts 'dear user' or 'dear email address' is almost certainly a fake and you don't even have to read any further.

Any emails you receive that you are unhappy about can be sent to spoof@ebay.co.uk but be aware that they default to confirming that everything is a fake, even the real ones!

This post is work in progress so I will be back later to add more. However please feel free to add more posts to this thread. let's stay safe out there!

Best answers:

• Hi
  Just to add to Soolin's post, I work for PayPal UK's PR agency. PayPal takes the threat of phishing very seriously, so therefore we have put together some tips and produced a short film with PayPal's Global Chief Information Security Officer advising users how to avoid phishing emails and stay safe online.
  Neil
  Here's a link to the video: https://www.youtube.com/watch?v=uYeit_5pHo0
  Tips for avoiding being caught out by phishing emails:
  1. Check your account! If a PayPal user is ever sent an email which seems you should log into your account and verify any activity before going ahead with any transactions.
  2. Generic greetings. Many spoof emails begin with a general greeting, such as: "Dear PayPal member." If you do not see your first and last name, be suspicious and do not click on any links or button.
  3. A fake sender's address. A spoof email may include a forged email address in the "From" field. This field is easily altered.
  4. A false sense of urgency. Many spoof emails try to deceive you with the threat that your account is in jeopardy if you don't update it ASAP. They may also state that an unauthorised transaction has recently occurred on your account, or claim PayPal is updating its accounts and needs information fast.
  5. Fake links. Always check where a link is going before you click. Move your mouse over it and look at the URL in your browser or email status bar.
  6. Emails that appear to be websites. Some emails will look like a website in order to get you to enter personal information. PayPal never asks for personal information in an email.
  7. Deceptive URLs. Only enter your PayPal password on PayPal pages. These begin with https://www.paypal.com/. If you see an @ sign in the middle of a URL, there's a good chance this is a spoof. Legitimate companies use a domain name e.g. https://www.company.com.
  ·Always log in to PayPal by opening a new web browser and typing in the following: https://www.paypal.com/.
  ·Never log in to PayPal from a link in an email.
  8. Unsafe sites. The term "https" should always precede any website address where you enter personal information. The "s" stands for secure. If you don't see "https," you're not in a secure web session, and you should not enter data.
  9. Misspellings and bad grammar. Spoof emails often contain misspellings, incorrect grammar, missing words, and gaps in logic.
  10. Pop-up boxes. PayPal will never use a pop-up box in an email as pop-ups are not secure.
  11. Attachments. Like fake links, attachments are frequently used in spoof emails and are dangerous. Never click on an attachment. PayPal will never email you an attachment or a software update to install on your computer.
  If you receive a spoof email, forward the entire email - including the header information to spoof@paypal.com then delete it from your mailbox.
• In response to Neil, and especially to point number 4, I have to disagree entirely.
  Some of you will be aware that I run a not for profit organisation and we use Paypal for donations and selling other items in our website shop. However, a few days before Christmas, we got an email out of the blue from 'compliance@paypal.com' saying that we needed to submit lots of different documents relating to our account in order to keep it fully active. I submitted all of those items by fax. They then emailed to say that they wanted more information and listed it, but since it was a day or so before xmas, I left it until a day after xmas to fax back. However, in the meantime (ie. over xmas itself!) they emailed to say our account had been restricted due to lack of response. It remains inactive and nobody can donate or buy from our site. They do not give surnames or a telephone number and yet ask for very personal account information. At first, I thought it was a hoax, but sure enough, they have, without rhyme or reason, suspended our account..over Christmas. I just feel thankful that we are not a business that relies on Paypal sales at xmas, but I'm still amazed that they can do this, esp since we've been operating the account for several months without any problems. We now can't even get the money out of the account that has already been donated.
  I have been doing some research since then and found out that I am not the only one who is having problems. www.paypalsucks.com shows exactly why people should not use Paypal and why it is far from secure. Meanwhile, we remain in limbo and seem to have no way of resolving this or getting the tiny amount of money we had in our account.
  The latest is, we have now been sent a survey done on behalf of Paypal which requests our feedback on the whole matter now that the limitation has been lifted. Since it hasn't actually been lifted at all, you can imagine our feedback.
  Neil, trying to create good publicity out of a company that treats people in such a despicable manner must be a very hard and unrewarding job. You are convincing, but I'm afraid the truth speaks for itself - one only has to check the paypalsucks.com site to see how many others (some businesses that rely on Paypal) are suffering at the hands of this company.
  Argghhhhh! Dee
• i just got a very realistic spoof saying i won an item, but it lacked an item number, was in dollars and wasnt in 'my ebay' (didnt click through the email) very very realistic though
• BEWARE this phising Scam e-mail is on the go at the moment
  MY NAME WAS INSERTED HERE
  this is a very real looking scam and they had my name and paypal e-mail and very authentic looking copy of paypal to try and recieve my details from ... They hope you would automatically hit the dispute transaction button and give them your password and bank details etc ... luckily I realised straight away and didn't give them any info and I have forwarded it to paypal spoof
  I would like to know how they got my NAME and paypal address in the first place !!!!!
  Please be careful
• OMG I have just received this email. I am shaking like a leaf cos I thought someone had used my money! I am relieved that it is a scam (kind of) and I have done exactly the same as you - forward to paypal and didnt click on anything! Thanks for posting this - I really appreciate it
• Apart from the excellent advice given above there is another way to quickly check for a spoof - so if somehow the email is addressed to you personally and not "Dear user" you just need to check the status bar of your web browser to see if the address shown there (which is the REAL address you'll be sent to) matches the one in the email.
  So if the address in the email says www.paypal.com/accounts/verify
  Just hover your mouse over it - DO NOT CLICK and then look in the lower left of your browser.
  If you hover over the link above you'll see what I mean - your status bar will show...
  h ttp://Iamaspoofingswinetryingtorobyou.com
  In any event - if you get any such sort of email it's better NOT to use the email to log on to your account but to log on in your usual way. Then when you go to the usual "Account details" link - if there's anything that needs fixing, changing, or updating they'll tell you on the site.
• I got sent one today (which Gmail sent straight to my Spam folder) purportedly inviting me to be an ebay Powerseller.
• I have received this e-mail below. Am I correct in thinking this is a scam?
  Attention! Your PayPal account has been violated! ©‏
  From:Paypal Customer Support © (Global-Privacy@admin.net)This message may be a phishing scam. Sent:09 February 2008 22:47:50To:
• Yup, I'd say it was a spoof
• i got one today, about my account needs reactivating.
  very realistic looking but not addressed to me directly by name. just my email name.
  i logged onto paypal by the proper method and sure enough, there was no dispute of any kind.
  please remind everyone you know, never to log onto your paypal account thro an email link.
• Notification of Limited Account AccessDear ormusxxxxx@yahoo.co.uk,
  As part of our security measures, we regularly screen activity in the PayPal system. We recently contacted you after noticing an issue on your account.We requested information from you for the following reason:
  We recently received a report of unauthorized credit card use associated with this account. As a precaution, we have limited access to your PayPal account in order to protect against future unauthorized transactions.
  Case ID Number: PP-464-725-244 In accordance with PayPal's User Agreement, your account access will remain limited until the issue has been resolved. Unfortunately, if access to your account remains limited for an extended period of time, it may result in further limitations or eventual account closure. We encourage you to follow our verification procedure as soon as possible to help avoid this.
  Click here to login and restore your account access
  Once you log in, you will be provided with steps to restore your account access. We appreciate your understanding as we work to ensure account safety.
  This is a final reminder to log in to PayPal as soon as possible.
  We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
  Sincerely,
  PayPal Account Review Department
  PayPal Email ID PP638
  Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.
  PayPal Email ID PP638
  Protect Your Account InfoMake sure you never provide your password to fraudulent websites
  To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal URL (https://www.paypal.com/row/) to be sure you are on the real PayPal site.
  PayPal will never ask you to enter your password in an email.
  For more information on protecting yourself from fraud, please review our Security Tips at https://www.paypal.com/row/s ecuritytips
  Protect Your PasswordYou should never give your PayPal password to anyone, including PayPal employees.
  ------------------------------------------------------------------------
  notice how clever the url is, when you hover your mouse over the link.
• The safe way is to open a browser and go straight to the website you intended to login by typing the URL.
• I had a very realistic looking one the other day addressing me by my surname, which came to my inbox rather than spam, saying my account had been limited. Even though I was 99.9% certain it was a fake, I checked my account in a separate window and found nothing wrong, so I forwarded it to Paypal who confirmed with about 10 mins it was a fake.
  Unfortunately I've deleted it so can't post it here, but it asked for the sort of documentation that Paypal would if your account was limited, but wanted it scanning and emailing.
• I had an extremely clever one today, I would have fallen for it, if it wasn't for the fact my main email account is linked to a posting ID with one fb, and my main ebay account has a seperate email address just for that and Paypal!
  Dear eBay Member,
  Congratulations! Your recent selling activity entitles you to Bronze status in the eBay PowerSeller Program. Please visit www.ebay.com/powerseller and sign in to activate your free membership to enjoy these great benefits and services:
  See the PowerSeller icon next to your User ID
  Free seller support via Live Chat, 24 hours a day, 7 days a week for all Bronze PowerSellers. If you also meet the annual volume requirement, you are also eligible for phone support. Log in to the PowerSeller portal for the most updated information on your customer support options.
  Get exclusive offerings on the PowerSeller portal--check back often for updates!
  Network on the exclusive PowerSeller Discussion Board.
  Download free business templates for PowerSeller business cards and letterhead.
  Be sure to sign up today--it's FREE! Visit www.ebay.com/powerseller and click "Member Sign In."
  Again, congratulations and best wishes for your continued success!
  Sincerely,
  eBay PowerSeller Team
  eBay sent this communication to you because of your outstanding feedback, high sales, and good account standing. If you would not like to be invited to join the PowerSeller program, follow the directions above, click "Member Sign In", and then click "Decline" at the bottom of the page. Please note that it may take up to 10 days to process your request.
  Copyright © 2008 eBay Inc. All Rights Reserved.
  Designated trademarks and brands are the property of their respective owners.
  eBay and the eBay logo are trademarks of eBay Inc.
  eBay is located at 2145 Hamilton Avenue, San Jose, CA 95125.
• forgot to add, roll over the links, looks very convincing, AND came from From: eBay TeamSellers (confirm1@ebaysecure.com)
• Hi cant believe what ive just done looking through emails there was 1 from paypal or so i thought saying my payment for leatherbound books $199 is been processed click on this link if you want to cancel stupidly i did and put paypal password in before it dawned on me you are not supposed to click on it
  then it asked me for bank details which i didnt give thankfully but ive changed my password and cancelled my bank card is there anything else i should do :confused:
• I have had a couple of fake emails from some pretending to be paypal, very realistic, only difference an extra l on paypal(l) on there email address