[reiyou]

About a week ago I got an email notifying me of a Paypal payment. While I do have a Paypal account, I am currently not expecting payments, and I did not recognize the payer. I just deleted the email, figuring it was a phishing scam, and dared not to touch the links.

Then I got another one this morning. I deleted this one too, without touching the links.

I did check my Paypal account (using my own link, not the one in the email), to make sure everything was ok and to verify there has been no activity (it was fine).

I wanted to note this here for those of you currently accepting Paypal payments, to watch out for phishing.

If I was currently actively selling and accepting Paypal payments, I might not have recognized the bogus payment notification if it was mixed in with the real ones. During the course of the day, I might have opened the bogus email, clicked on the link and gotten scammed.

There are probably some differences where the bogus notification is not exactly the same as a real one, but I haven't had any Paypal activity for awhile, and so had nothing to compare them with.

Perhaps the best way to avoid this is to only log on to Paypal directly using one's own link, and never from an emailed Payment Notification link, (whether it is real or not).

Just something to be aware of. Anyone else seeing these?

 

[Mindstate]

I get these all trough the year.

Not really something specific about t-shirt selling

 

[sicilianstyle]

ah man i get those ALL the time lately. The trick in telling if it is a scam is by looking at who they are adressing the email to. If they greet you with your full name (the exact name you use on your paypal account) then it is real. If they just say "Dear Paypal Member" or "Dear Paypal Customer" then it is a FAKE!

 

[maddog9022]

just remember paypal will never ask you for personal information through an email. thats what they told me when i got a couple email like that.

everyone be safe

edit- it isn't hard for people to get your real name. I know my name shows up almost everytime i send an email(atleast with yahoo users). I wouldn't even trust it if it says my name.

 

[sunnydayz]

Paypal also will never tell you to click a link in an email, they will always tell you things right thru your messages on your account and do not notify you of things thru email. They tell you to never click a link, and to always just open a new browser before going to your paypal page.

 

[R1Lover]

As mentioned never log into anywhere from a link, always go there directly.

 

[jjsmalls08]

yes, i had one of these not too long ago, and the best thing to do other than what you did by NOT clicking on the links is to foward the emails to [email protected] so they can take care of it for you. Even though this did happen, i still would recommend paypal to anyone who needs their services. it's the best way to get paid right away and their fees are very reasonable.
-jjsmalls08

 

[sunnydayz]

Its not paypals fault, its someone acting like paypal Unfortunately it happens with alot of big companies where people clone their site designs and set up scams, I have even gotten them for bank of america. It really isnt a reflection of paypal as they had nothing to do with the scammer, and has no effect on how paypal process's payments.

 

[Jasonda]

ah man i get those ALL the time lately. The trick in telling if it is a scam is by looking at who they are adressing the email to. If they greet you with your full name (the exact name you use on your paypal account) then it is real. If they just say "Dear Paypal Member" or "Dear Paypal Customer" then it is a FAKE!

Uh.. I hate to burst your bubble here, but I get scam emails that use my full name all the time.

Trust me, if your name is out there somewhere on the internet, some scammer has it on a list already.

 

[sunnydayz]

yep I also get them with my name on them. Its always just safer to never click on any email with a link to any site that has to do with personal information or finances.

 

[CUSTOM UK]

Phishing is a worldwide problem, that every payment gateway and bank customer can be prone to. Sadly it's not going to go away and it's something you have to be very aware of.

PayPal tends to be more prone, due to its massive use on EBay. Almost everyone will have seen the 'you have paid XXXX xxx @ xxx . com $xx using Paypal'. Many folks surprisingly don't have any anti-virus installed, so a half decent virus is capable of lifting your details off someone else's computer.

 

[sicilianstyle]

Uh.. I hate to burst your bubble here, but I get scam emails that use my full name all the time.

Trust me, if your name is out there somewhere on the internet, some scammer has it on a list already.

Im sorry but arent we taking about PAYPAL and not other scams. I was specifically talking about paypal scams and paypal scam emails NEVER EVER use your FULL name in their scam emails. Only real paypal emails use real FULL names that you used to open your paypal account. If you do not believe me, when you get another fake paypal email check inside and see. Have a good day!

 

[Jasonda]

Im sorry but arent we taking about PAYPAL and not other scams. I was specifically talking about paypal scams and paypal scam emails NEVER EVER use your FULL name in their scam emails. Only real paypal emails use real FULL names that you used to open your paypal account. If you do not believe me, when you get another fake paypal email check inside and see. Have a good day!

I've also gotten a scam email from Paypal with my full name. It looked identical to a real Paypal email. Sorry, but it happens.

 

[Girlzndollz]

New scams evolve all the time, and older scams perfected.

I've received a few phishing emails with scammers using Ebay. This was 6 months ago, and Ebay did advise at that time that a real email will have my name in it, and a scam email will say Ebay Member, or something generic.

Now, again, that was 6 months ago, and alot can change in 6 months for sure! If the scammers Know that Ebay is telling me to look for my full name as a sign of a legit email from them, I would bet the First Thing scammers will try to accomplish is getting a real name in the email. Those people never sleep, that are at it all the time improving their methods. What may be safe 6 months ago, may no longer be the case. My example is with Ebay, not Paypal or anyone else.

Oh, I did get a phishing email for a big name credit card I have, the email said my credit card was compromised. To log in and verify everything is okay.... via the link. I opened a new window, logged on directly. Like Sunny says, there was no direct message on my account from the credit card company, so I knew that the email was a phishing email already. I phoned in, told them what is up, and yes, I had to forward the phishing email to my cc company. Always log in to your account in a new window, and ask the company to verify the email. This has worked for me several times.

Please add my vote to the list of votes for accessing websites directly via typing www.websitename.com into the browser, or by a trusted bookmark. PS: Are bookmarks a safe bet? Can they be manipulated?

 

[Solmu]

I think checking to see if the e-mail is a scam is a waste of time. If you're receiving an e-mail, it's a scam. Credit card companies don't send you "Your account may have been compromised, please log in to verify, etc." e-mails - they just put a hold on your card.

It really is a lot simpler than "Ooh, is this one legit?" - the answer is always no.

The difference between legit and dodgy e-mails is also a lot more obvious if you don't use an html e-mail client. The scammers never get their formatting quite right in plain text.

The real danger will come when scammers start targeting their marks individually like traditional fraud. You'd have to be an idiot to fall for the current crop of phishing scams, but if someone tailors everything to you directly it's going to be a lot harder to know, since plenty of seemingly private information is often more public that we would like or realise.

 

[CUSTOM UK]

For the scammers, it is always going to be far easier than working full time for a living. They literally have all the time in the world to make their scams far more sophisticated than they are now and we are all unfortunately potential targets.

 

[Girlzndollz]

I think checking to see if the e-mail is a scam is a waste of time. If you're receiving an e-mail, it's a scam. Credit card companies don't send you "Your account may have been compromised, please log in to verify, etc." e-mails - they just put a hold on your card...... The real danger will come when scammers start targeting their marks individually like traditional fraud...... but if someone tailors everything to you directly it's going to be a lot harder to know, since plenty of seemingly private information is often more public that we would like or realise.

That's right, I agree with most of what you said. But we've been frauded via credit card and directly thru our bank account with false checks being produced in Staples and spent at Walmart several states away. We've not had our credit card or bank account shut down in prevention of further fraud. The email I mentioned was sent with our names in the email.

So, when I see communication from anyone in my email account, from the bank, paypal, ebay, or credit card companies, I just log directly onto the website to be certain the communication is authentic.

Everyone wants me to go paperless, they are always sending info via email anymore. I get so many I don't have time to wonder if I am reading fraud or not. That's why I cut out the entire question of it by logging in and double checking.

Plus I don't mind sending in my spoof emails if it helps them learn how to get as smart as the bad guys - which is what I hope they are doing/learning when I send them in to them ~fingers crossed~ but whatever, it's ultimately up to ourselves to try to be careful and smart.

I totally agree some of these are ridiculous scams, but some look so authentic it is amazing. I have literally been taken back by how real they can look. I mostly feel bad for folks who don't realize how tricky these scammers can be.

 

[Girlzndollz]

One good tip is to disable the automatic downloading of web content. This causes just the actual text of the email to be displayed. If it looks clean, the email content can be requested.

For microsoft outlook users, this is set in the security tab of options. In that window, there is a button, "automatic download settings..." Click i and check every box inside the dialog which pops up.

Instead of an official looking email with microsoft the apparent sender, the address of the file will come from has a screwed up server name rather than microsoft.com.

Download the latest version Internet Explorer 7.0!
<h ttp: //87.137.49.108/IE-7.0.exe>

fred

I will be looking into whatever this is you are talking about, Fred. Thank you.

 

[reiyou]

Excellent replies.

For me a key point was what Solmu said. Don't log into any accounts from an email link. Type in web addresses natively in new browser windows. Thank you for these practical tips.

There is a special corner in hell for scammers.