Highfields Amateur Radio Club
Scam Warnings.

copyright date

Recently I changed some details on a PayPal account that I set up, namely the email and postal addresses; a new email address was added and an old (though still valid) email address was removed. All went well with the change with the usual small flurry of emails to me to notify the changes (all, as is usual, addressed to the account name).

The following day I received this, supposedly from PayPal. The email text is in bold, my notes/questions are bracketed:

from paypal.com service@paypalf.com (Who is "paypalf"? and the email should be from "service@paypal.co.uk" anyway)
to: (yes just blank, the alarm bells really started ringing)
date: 7 July 2011 15:31 (not important but the day following changes that I had made)
subject: Your PayPal email has been successfuly changed (yes but all dealt with the previous day and this email account is not associated to any PayPal account at the moment)

Dear member,

Your PayPal email has been successfuly changed.

You have added g********r@gmail.com (address obscured by me) as a new email address for your PayPal account. . (the double full stop was in the email, not a typo from me)

If you did not authorize this change, check with family members and others who may have access to your account first.

If you still feel that an unauthorized person has changed your email:

*Please download and unzip the form attached to your email.

*Submitting this form will restore your PayPal account email.

Thank You.

Attached to the email was a compressed file called "email-form.zip". DO NOT DOWNLOAD OR OPEN THIS FILE it will contain something nasty that will not be good for you or your PC.

Here is what PayPal say about emails:

How do I recognise an email from PayPal?

Check the greeting. We always address you by your first and last name, or the business name on your PayPal account.

Does the email ask for personal information? A PayPal email will never ask you for any of the following:
Check for attachments. We will never send an attachment or software updates to install on your computer.

And:

I received an email from PayPal - how do I know if it is genuine?

Here are some tips to help you recognise fraudulent emails and protect your PayPal account from phishing or spoof.

Check the greeting. We always address you by your first and last name, or the business name on your PayPal account.

See if the email asks for personal information. A PayPal email will never ask you for any of the following:
Check for attachments. We will never send an attachment or software updates to install on your computer.

If you received what you believe is a fake PayPal email, please forward the original email to spoof@paypal.com. Be sure not to change the subject line or any of the content. Then, delete the email. You should never click any links or attachments in a suspicious email.

(Extracts courtesy of the PayPal website)

The email was forwarded and deleted as instructed. The reply from PayPal a couple of days later says:

Thanks for forwarding that suspicious-looking email. You're right - it was a phishing attempt, and we're working on stopping the fraud. By reporting the problem, you've made a difference!

Identity thieves try to trick you into revealing your password or other personal information through phishing emails and fake websites. To learn more about online safety, click "Security Center" on any PayPal webpage.

Every email counts. When you forward suspicious-looking emails to spoof@paypal.com, you help keep yourself and others safe from identity theft.

Your account security is very important to us, so we appreciate your extra effort.

Thanks,

PayPal

The account concerned had not been compromised (I checked and all is OK), the email is just sent "on spec", hoping that we'll be caught out.

If I had not been "on the ball" I may have thought that this was a valid PayPal email and I could have acted upon it, especially as I had just added an email address the previous day.

If you receive any email like this from any company it is always safest to go directly to the website concerned, not via a link within the email, and log-in to check your account details, just to be safe and sure.

Warnings Index. Or Sitemap.