Wednesday, July 22, 2009

Pay Pal Members Beware of Phishers

Pay Pal Members Beware From Phishers and Cyber criminals

Dear Friends,

    Now we are producing before you about latest fraud emails which was seemed to be generated from Pay Pal and it came to one of our team member and then feeling it suspicious he mailed the entire content to Pay Pal and in response what Pay Pal said we are producing that before you for your future reference. 

Here is the suspected mail from spammer with its header file which was sent to Pay Pal for verification:-

Form Message
customer subject: Please use a supported language when contacting us.
customer message: Additional Information: 'Again I recived this mail was
it from yours.? to me
 show details ##:## PM (## hours ago)

Dear Kept Hidden ,( Here they used the name, which they did not use in previous mail)

On ##/##/#### I replied to the email message you sent regarding your

PayPal account. As part of PayPal's commitment to excellence, I want to
make sure I met your needs in my response. Would you please take a
minute to answer a few questions to let me know how I did?

>To respond to our survey, please click on the web address above. If
that does not work, please cut and paste the entire web address into the
address field of our browser. NOTE: Please respond within five days so
that you can provide timely feedback to me, Judith . AFTER # DAYS, THIS
>If you wish to take the survey anonymously, click the link below:


Here is the response from Pay Pal about the above email:- 

Dear Name Kept hidden,

Thank you for contacting PayPal.

Hello, my name is Hazel. From reading your email, I know you are
concerned about the suspicious email you received. I'm sorry if this
caused you any trouble, I'll be glad to explain this further for you.

Thank you for submitting this suspicious email, Mr. Hidden. We did
not send it,
so please don't click any link in the email and delete it
if you haven't already. We also recommend that you log in to your PayPal
account and check your transaction history for any inaccuracies.

Please forward the original email to and then delete
the email from your mailbox. Never click any links or attachments in a
suspicious email.

The majority of Unauthorized Access cases are a result of inadvertently
providing account information, such as bank or credit card account
numbers on a 'fake' PayPal website or in response to a 'fake' PayPal

It is also possible that if you have other accounts (email, eBay, etc.)
that share the same password as your PayPal account, and one of those
accounts was compromised, your PayPal account can be at risk of being
compromised as well.

Remember these steps to help protect your PayPal account from
Unauthorized Account Access:

Emails - Make sure they are sent from PayPal

  1. If you receive an email and are unsure whether it is from PayPal,
open a new web browser (e.g., Internet Explorer or Netscape) and go to
the PayPal website. Don't click on any link in an email which seems
suspicious to you.
  2. Some spoof websites will send emails that pretend to come from
PayPal to entice you to log in at the spoof URL. Be extremely cautious
of emails that direct you to a website that asks for your information,
such as your bank or credit card account numbers.
  3. Stay safe; don't respond to emails asking for any of the
  o Your password and email address combination
  o Credit card numbers
  o Bank account numbers
  o Social security numbers
  o Drivers license number
  o First and Last Names

Email Greeting -

PayPal will never send you an email with the greeting "Dear PayPal User"
or "Dear PayPal Member." Emails initiated by PayPal will address you by
your first and last name, or the business name associated with your
PayPal account. Please note that the automatic response you get from us
may not address you by name.

Always log into the PayPal site

  * PayPal will only ask for information after you have securely
logged in.
  * For your security, PayPal will never ask you to re-enter your full
bank account, credit, or debit card number without providing you at
least the last two digits of the number. These digits let you know that
we already know the full number and are asking you for the rest of it.
Beware of any website or email asking for these numbers for
"verification" that does not prove that it knows the number by providing
at least the last two digits.

Website pages - make sure that they are hosted by PayPal

  1. When using the PayPal service, always make sure the PayPal url
address listed at the top of the browser begins with "https." The "s"
ensures that the website is secure. Even if the URL contains the word
"PayPal" it may not be a PayPal webpage.
  2. Look for the '"lock" symbol that appears in the lower right hand
corner of the browser. This symbol indicates that it is a secure site.

Do not download attachments, software updates, or any application to
your computer via a link you received in an email. PayPal will not ask
you to download anything for your account to work.

Passwords - keep it on PayPal

  1. Use a unique password for the PayPal account and change it every
30-60 days.
  2. The password should be one that is not used on any other site,
service, or login.

Thanks for sharing your concerns with us. We value what you have to say,
and we know situations like this can be difficult. If you have more
questions, visit our Help Center by clicking "Help" in the top right
corner of any PayPal page.

PayPal, an eBay Company

Copyright© 2009 PayPal Inc. All rights reserved.

Consumer advisory: PayPal Pte Ltd, the Holder of the PayPal™ payment
service stored value facility, does not require the approval of the
Monetary Authority of Singapore. Consumers (users) are advised to read
the terms and conditions carefully.


Anonymous said...

Hi there,

I am a friend of Sitanshu Ray who forwarded me that link of your interesting blog.

Phishing mails like this will never stop in a principal way and of cause they can be danger like in this case.

This Phishing mail you posted looks like an "invitation" of a (so called) drive-by-infection. This means, if you open the link from this mail, your computer might get infected by a virus/trojan in a second without interaction. They might use unfixed or new vulnerabiliys in the browser and/or plugins to do that and its very possible that your antivirus didnt "know" that used virus/trojan. In worst case, your computer is after this a part of a botnet or they "only" steal data out of your computer like passwords, banking data etc.

If you check the main URL of this like, you will see that the owner of the domain is "inContact Inc." - a call center. Call Center often act like this and offer there service to "normal" companys i.e. to send out spam etc.

On the inContact Website you can also see the adress of them: 7730 South Union Park Avenue, Suite 500 Salt Lake City, UT 84047 or check the with the whois data.

But the problem is: It's hard to attest them, that they send the phishing mail by themself. They can easily say someone (unknown) did it. But there are also some possibility to make traps for them that could it be possible to sue them ... ;-)

Kind regards

Gautam said...

PayPal is pleased to collaborate with the Government judicial authorities for repression of crimes committed by or to the detriment of their users.

Requests for information from law enforcement and the orders of
acquisitions data the court should be directed to PayPal (Europe)
s.àr.l. et Cie S.C.A, 5th Floor 22-24 Boulevard Royal L-2449. These
can be sent to the Fraud Investigation Team

Requests for information by the police include:

• Send by fax on letterhead of the applicant
• Sign in charge of the investigation
• Direct to PayPal (Europe) s.àr.l. et Cie S.C.A.
Each request for information should include the following information:

• The e-mail address.
• All addresses and telephone numbers of the person you investigated.
• Your name, address, department, telephone and fax.
• Specific details about the information you need and how they are
needed for your investigation
*** Please note that PayPal has more than 70 million users and thus
more details
you provide will be more easy for us to identify the information you
have requested ***

PayPal (Europe) Ltd is an institution for the issuance of electronic
money regulated by the Financial Services Authority of the United
Kingdom and must abide by the Data Protection Act in accordance with
the laws. Therefore, for the release of financial details or
information on transactions carried out by our members, you must order
expressed by the court.

For more info or quick liason with PayPal contact ** **