Be careful about Paypal phishing scams

You have always thought that Paypal is one of the safest methods for paying your online purchases, isn’t it?

Yes, you are indeed right but that does not mean that you should give away your credit card details everywhere on the web. Not even login using your Paypal credentials. Yes, you should be careful not to enter these details onto fraudulent web sites, more or less identical to the genuine one.

People are always looking for new ways to commit frauds, through various methods including the rather famous “You have win $10,000,000” emails or through any other mails. While Nigerian scams are much known nowadays,  other forms of phishing/scam exist where people create fake web sites/mail addresses to ask for your credit card details/login credentials.

A mail from “Paypal”

Today, I was quite surprised to receive a mail on behalf of Paypal, claiming that access to my account has been restricted. On top of that, it was written in French. This was pretty weird.

Scrolling downwards, I found a link and a mouse hover allowed me to display the masked link towards some fraudulent server, identical to Paypal.

The aim of this email is to get you

  1. Log into the fake web site using your real username/password
  2. Enter your credit card details into the fake web site

Because this email seemed so real and ‘official’, non-geeks users might easily get trapped. So, this sounded to be a good topic for the blog.

A few small tips

  • NEVER trust the “From” email addresses.
    It is so easy to fake anything in there.
  • ALWAYS verify if any links are actually hosted on the actual site (paypal.com) and not some other site/ip address (screenshot above).
  • If you get weird mails asking for your passwords etc, do not hesitate to contact the company (banks for example) to inquire why and report the mail.
  • Whenever you are SUSPICIOUS about the identity of a web site/person, keep yourself away or ask for advice around you.
  • IMMEDIATELY suspend your credit card(s) in case you suspect having entered your details onto some fake site.
Finally, trustful companies will NEVER ask you to email your login passwords or require you to click on some weird and unknown link to enter their site.

Does yashvinblogs.com do that? No, because this is a trustful blog 🙂

Cheers!

Recommend this blog article to your friends by clicking below.

You may also like...

  • Anonymous

    Good advice, too many of these going around.

  • Raviluchmun

    Yashvin, I would really like to see the details provided by gmail in the first picture. Could you post or tell us if gmail confirmed the identity of the mail servers sending that email ? Something like:
    “mailed-byinfo.paypal.com
    Signed byinfo.paypal.com”
    Thank

  • Here’s part of the technical stuff :

    Received: from node-rs108.smtp.com (node-rs108.smtp.com [74.205.51.66]) by mx.google.com with ESMTP id w44si1494857wec.12.2011.08.09.01.39.03; Tue, 09 Aug 2011 01:39:05 -0700 (PDT)
    Received-SPF: neutral (google.com: 74.205.51.66 is neither permitted nor denied by best guess record for domain of service@intlpaypal.com) client-ip=74.205.51.66;
    Authentication-Results: mx.google.com; spf=neutral (google.com: 74.205.51.66 is neither permitted nor denied by best guess record for domain of service@intlpaypal.com) smtp.mail=service@intlpaypal.com; dkim=pass header.i=@smtp.com
    Received: from HOstilePRODPC (unknown [41.107.11.1])
    (using TLSv1 with cipher AES128-SHA (128/128 bits))
    (No client certificate requested)
    by node-rs108.smtp.com (Postfix) with ESMTPSA id 10BA815E47A3;
    Tue, 9 Aug 2011 04:34:40 -0400 (EDT)

  • Raviluchmun

    Thanks. Actually I was looking for something simpler for everyone to interprete like the picture attached.
    Does the message you received is like in the picture below ?

  • lol. I went into too much details. 
    This screenshot should be ok!

  • lol. I went into too much details. This screenshot should be ok!

  • Raviluchmun

    So, next time if you use gmail or yahoo, atleast check if the email claimed to be from paypal has been “signed” and “mailed” by that company.  
    It’s the first line of defense.

  • Raviluchmun

    So, next time if you use gmail or yahoo, atleast check if the email claimed to be from paypal has been “signed” and “mailed” by that company.  
    It’s the first line of defense.

  • lost wanderer

    Personally, most people should start to hover and see the link before clicking on it. Most of the time, when it comes to such important things, I at least make sure there’s the https header. ^_^ Nice one as usual!

  • TL

    Or just open another tab and goto paypal.com pu bizin ena ene historique ou notification when u login..i think..

    TL

  • TL

    Or just open another tab and goto paypal.com pu bizin ena ene historique ou notification when u login..i think..

    TL

  • Vikram

    You’re almost a hero as this guy http://imgur.com/vNqt3

  • Avnish

    Hey I guess there are fake e-bay as well!!! Since once I wrongly typed an alphabet from the word e-bay and was directed to another site!!! Guess wat??? It looked exactly the same as e-bay!! Same layout nearly same adverts etc..

  • Avnish

    Hey I guess there are fake e-bay as well!!! Since once I wrongly typed an alphabet from the word e-bay and was directed to another site!!! Guess wat??? It looked exactly the same as e-bay!! Same layout nearly same adverts etc..

  • Hey man fer tantion … ena ene nuvo facon aster … li ekrir paypal.com em selma li pa legit … foDer fer ene WHOIS check toutle temps lr paypal,com ek cross-check ek ip toP access via netstat. lrla to safe