Log in

No account? Create an account

Previous Entry | Next Entry

Happy Easter!

I got an e-mail from PayPal this morning saying they think my account's been breached, and they've put limitations on it as a counter-measure. Not sure what this means -- I've only used it once, a long time ago, to transfer funds to someone in America who didn't want me to have her banking details. I have no idea whether this 'unauthorised access' means I'll stand to lose money in some way or other, and I'm not really sure whether any action is required from my side.

ETA: Thank you everyone who has warned me that this is phishing. I took your advice and reported the e-mail to PayPal, who have confirmed that they never sent it, and have given me some handy tips as to how to protect myself in future. Thank God I hadn't filled in any details, although I did follow the link initially...I have now deleted all my cookies and files from my computer, and hope that that'll be the end of it.



( 14 Speak Like A Child — Shout To The Top )
Apr. 15th, 2006 02:41 pm (UTC)
first thing i would do is make sure that the email actually came from paypal. go to paypal's site directly, not through any links in the email. if there is a hold on your account, the info will be there.
Apr. 15th, 2006 05:01 pm (UTC)
Thanks for the advice. It looked pretty legit, but you can't be too careful these days, can you? I'll take no action until I'm sure it really is from PayPal.
Apr. 15th, 2006 02:44 pm (UTC)
It's called "phishing" and it's not from PayPal. If you look at the URL in the link they give you it's usually a numeric address or something completely different from PayPal. They want to trick you into following the link and putting your logon info into the fake login box so they can steal it.

NEVER follow a link from email to PayPal, a credit card home page or any other place where you would give information that could be used to steal your identity. If you want to check, type the URL into your navigation box manually. (That is, type http://www.paypal.com/ not the address they give you.)

Sometimes just to make myself feel powerful, I go to the phishing sites and log in with username: imnotstupid, password:youarebusted
Apr. 15th, 2006 04:52 pm (UTC)
Sometimes just to make myself feel powerful, I go to the phishing sites and log in with username: imnotstupid, password:youarebusted


The e-mail I've received purports to be from support@ebay.com with a ReplyTo service@paypal.com. The link takes me to the PayPal login page (the same I get as when I type in the URL manually), but as I don't remember my login, and I'm not that interested in finding out what it might be, I don't think I've committed any serious errors of judgment yet.

Thanks for the warning -- I'll be careful!
Apr. 15th, 2006 04:30 pm (UTC)
It's not from Paypal. send it on to spoof at paypal.com.
Apr. 15th, 2006 04:59 pm (UTC)
Apr. 15th, 2006 07:25 pm (UTC)
You were right. It wasn't from them. Phew! ::wipes forehead:: There but for the grace of God...or in this case, my LJ flist. Thanks to you, no harm's been done!
Apr. 15th, 2006 04:44 pm (UTC)
Yeah listen to the people above. My account is breached like 3 times a day if the email doesn't say Dear Victoria Glen (your name) then it's not from Paypal so just bin it. Don't go through the links!!!!!
Apr. 15th, 2006 04:55 pm (UTC)
Well, it DOESN'T say "Dear [Real Name]" so I guess that proves it. Thanks for setting my mind at rest!
Apr. 15th, 2006 05:11 pm (UTC)
I do know you real name but my mind is drawing blanks, I'm rubbish with names good with faces :)

I emailed paypal about it when it first hapened to me and they told me that's the easiest way to tell if it's from them x
Apr. 15th, 2006 07:12 pm (UTC)
I just got word from what I know to be the real PayPal, and you're right, they do use my name in their salutation!

"Dear [Real Name],

Thank you for contacting PayPal. We appreciate you bringing this
suspicious email to our attention.

Commonly referred to as phishing, these emails are sent by fraudsters in
an attempt to collect sensitive personal or financial information from
the recipients. PayPal takes phishing threats seriously. Our fraud
prevention specialists are working 24/7 to help protect you and enable
the community to stay safe.

After review, we can confirm that the email you received was not sent by
PayPal. Any website which may be linked to this email is not authorized
or used by PayPal."

Then there are several instruction as to how to proceed should you already have given out sensitive information, which thank God! I had not done.

The thing that made me suspicious in the first place was that I'd set up my PayPal account from my work addy, as I didn't have a home computer at that time...and I hadn't gone back to change any info later. So I couldn't think how they'd gotten hold of my present e-mail address if they were the real PayPal people.
Apr. 15th, 2006 08:27 pm (UTC)
They're tricksy little buggers. They're getting so convincing!
Apr. 15th, 2006 09:12 pm (UTC)
They are! I always double-check the sender's address, and this one looked kind of plausible; as did the link to the login site. It wasn't until I got an answer from the real PayPal that I could see that there was a re-direct to another URL behind it.
Apr. 15th, 2006 09:14 pm (UTC)
I nearly got got by an Ebay one, and I am aware of these things.
( 14 Speak Like A Child — Shout To The Top )
Powered by LiveJournal.com
Designed by Tiffany Chow