B-E-W-A-R-E
IF YOU HAVE A P@YP@L ACCOUNT, BEWARE OF PHISHING OR SPOOF EMAILS!!!!!
So far, I have gotten ELEVEN this morning!!!!
They will tell you that your account has had suspicious activity and your account will be su$pended if you don't update your creDi+ c@rD info! THE EMAIL WILL LOOK AMAZINGLY LEGITIMATE right down to the logos and the email ID # they usually always assign.
For me, since I HAVE been using my account much differently than usual, I was worried!
Being the stupid chick I am, I clicked on the link in the em@il and entered my login info and p@ssw0rd. The site looked EXACTLY like the PP page!! THEN, I went from stupid to idiot and entered my cc info. THEN it asked for drIver'$ licEnsE info. Hmmm... THEN the light went on and I noticed that the URL was not secure. Up top, there was a link to click that said "Security Info" and when you click that, you get a popup window assuring you of all the measures PP takes to protect you.
Then I noticed the URL began with numbers instead of the usual PP[dot]com. THEN I erased all the info I'd provided and closed the window.
THEN I called PP and asked what the heck should I do since I'd just handed over my login info.
Turns out, thank God, that all I needed to do was change my p@ss, and forward all the emails to PP's fraud department and delete them totally...which I'd already done. I guess by that time, I'd finally grown a brain!
All that to say, BEWARE!!!!!
*panting from panic*
Okay, today I gotta go to the post office and mail a package. Then, I'm heading to L0we's to buy some paint using a coupon.
I am in way-big pain today.
UPDATE: I have looked further into this scam and found that the IP address used is of Latin origin, specifically Uruguay. I looked it up on ARIN, so you can click there and see for yourself. I emailed the address listed there, then I looked up the {dot}com they were using in the email to me, which was service.com. It's a web development company, so then I emailed those folks there, too.
Corey's laughed at me for hunting these suckers down. Hmph! There ain't much that makes me madder than a con-artist or a fraud. I've had enough dealings with those in the past few months, thank you! I didn't let that one off the hook and I don't intend to let these scammers off either!
I got an email reply from the webform I sent to P@yP@l and it was beyond ludicrous. Here's an excerpt:
Thank you for writing to PXXPXX regarding the email you received.Because this is not an xBxy or PXXPXX member, website, or email, we are
unable to determine if this email is legitimate. While it may be
considered spam or possibly even fraudulent, it is not something we can
determine on behalf of other companies. This email should be reported to
the company that appeared to send it for their assistance and
investigation. Normally, to do this, you would substitute the word
"abuse" in place of the name in front of the @ symbol. For example, if
the email was sent from user@goodmail.com, you would send your report to
abuse@goodmail.com.
See? STUPID! Gah! I replied to them stating that their advice made NO SENSE seeing as I AM a member and have been one for the past 3 years AND that I assumed that since the scammers were using THEIR company name that THEY would wanna look into it.
Gah.
Anyhow, there's the skinny on that.
G'night!
Comments
yikes how scarey!!! i have gotten emails like that, but i never even opened them because i do not even HAVE a paypal account!
Posted by: mrs. diamond | November 16, 2005 07:32 PM
Yea, I get these and just delete them. If you entered your credit card number, you might ought to watch your bill closely to make sure there's not charges there that are not yours.
Posted by: Sandy | November 16, 2005 10:38 PM
Oh, G, dearie Paypal will NEVER send you that kind of email. Before clicking on any link be sure to see what address it's really taking you to. It usually has the word "paypal" in there but it's NOT taking you to Paypal. Are you sure they didn't get your CC#? I get these emails all the time, even on accounts that aren't hooked to Paypal. The best way to check if there is a problem with your account is to type http://www.paypal.com/ into the address bar of your browser and log into your account that way. If there is something wrong or you can't log in, you can contact Paypal then. Double check about that card # though. I'm not totally sure how it's done but the page you went to could have installed malicious stuff on your system and could have possibly logged what you typed. Please check to be sure. You know what we just went through with fraudulent charges, etc. and it's NOT fun.
Scratching my head about the email Paypal sent you. Really out there...
Posted by: K & , | November 16, 2005 10:54 PM
Well, Dia, I wish *I* didn't have an account. It'd have been much clearer to recognise a scam!!!
As it was, I was so panicked that my account was going to suspend, I was stupid!!
(backgrnd info: Had lotsa trouble getting that first acution payment)
Anyhow...gah!
Posted by: Subject G | November 16, 2005 11:25 PM
You gotta point, Sandy & w/what Kym's said, I am more worried. *sigh*
Posted by: Subject G | November 16, 2005 11:26 PM
Oh no, Kym! I hadn't even thought of the possibility that they could've STILL got my cc info. GAH!
I called PP on the phone. Last time ('memeber?) I emailed them, I never got a response!!!
I am just SO thankful that my brain turned on before I hit the send button on that page w/cc info. But when it got to the dr. lic. #, that made me EXTREMELY suspicious. I never even thought about it logging keystrokes.
How awful is that!?!?
I have Norton Internet Security, but dunno if it would block something like that. Also have a firewall.
I think I'll just call the bank tomorrow & have the card cancelled.
That will be THE PITS re: the things I have linked to it like Bl0ckbuster 0nline, my ISP and such.
But I think I should.
Sheesh.
Thanks for pointing that out.
Oh, and I have NEVER gotten a scam type email that looked so entirely legit!! NASTY CROOKS!
Posted by: Subject G | November 16, 2005 11:31 PM
It might be best to cancel the cc like you mentioned. The fact you didn't hit send helps but like Kym said some scam sites have keystroke codes somehow wrote into them. Also, people do ebay the same way-saying your account needs to be updated, etc. Too bad there are so many people who are scammers.
Posted by: Sandy | November 17, 2005 12:16 AM
Update: I cancelled the card. *siiigh* Will be ten days w/o one!
WAH!
;) Nah. I can live w/o it that long. Just had to change account settings for some online stuff.
Posted by: Subject G | November 17, 2005 08:42 PM
Good to know! I got something like this a while ago, but just ignored it and my account still worked, so guess I am ok!! Thanks for sharing this!
Posted by: Tracey | November 18, 2005 03:51 PM
It's been really eye-opening, if nothing else.
Sheesh!
Posted by: Subject G | November 18, 2005 04:08 PM