[ad#lifelock]
I received an email this morning saying that my PayPal account had just put into a limited access mode. At first I was thinking what is limited access anyway? I mean, I never expected anything wrong with my account that I would receive this email from PayPal. I was a bit worried about having limited access as most of the online business owner knows that this is the major payment processor we use online.
The ID Theft Risk Management Specialist part of me kicked in and started studying this new email that was “apparently” from PayPal. At first glance, all appeared to be in order until I noticed the following discrepancies:
1. The email is not sending out from actual PayPal email. In the sender information, it is service@paypail.com Vs service @ paypal . com.
2. It provides an fraud case ID. I checked in my account based on the ID provided and I can’t found the record.
3. Another fraud email provided in the email: security@paypalfraudcheck.com Vs security or service @ paypal.com. And attempting to go to this domain automatically redirects to PayPal properly.
4. The way to remove the limit access is simply unreasonable. The email said this: “completing all of the checklist items will automatically restore your account access”.
1) Personal identification – a copy of one photographic ID from the following list:
- Passport – Driving license – National Identification card
2) Address verification – a copy of one of the following (online statements not accepted):
- Utility bill – less than 3 months old
- Bank statement – less than 3 months old
5. Last but not least, he send to my primary email address instead of my paypal email address.
Think about it, if you account is being limited access, that means your account is being monitored by Paypal, there is no way it will restore automatically by simply by submitting these documents. I am sure Paypal will go through the manual verification process in order to remove that access.
6. To further confirm it is a phishing email, I went to do domain whois check on the domain names provided. This screenshot below confirms that this domain does not belong to PayPal.
I found out this appeared to be one of the phishing email that send out by a guy named Ryan Gunness (according to the whois record) and it sound like the following email screenshot. And I received an answer back from spoof@paypal.com within 30 minutes of submitting this email that it is indeed a phishing email.
AKPC_IDS += "618,";Popularity: 5% [?]
2 Responses
[...] BEWARE: New PayPal Phishing E-Mail Scam [...]
Posted on November 19th, 2008 at 2:22 pm
I do receive the same email 2 weeks ago and I nearly believe in him and send the details.
After I double check on the email contents, I conclude that a fake one.
To help people prevent from falling into this trap, I have wrote a blog post that show how to identify it’s a fake one, I thought I can share with you and your readers here.
Hope you will help you here.
Thanks,
Steven Wong
http://StevenWongBlog.com
Posted on November 28th, 2008 at 6:05 pm
Add A Comment