General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsI just got a phishing e-mail from "paypal"
Here it is:
Your account has been suspended (Ref - 20282152943)
Nov 25 at 10:33 AM
PrintRaw message
𝖯𝖺𝗒𝖯𝖺𝖨
To: Trailrider1951
𝖸𝗈𝗎𝗋 𝖯𝖺𝗒𝖯𝖺𝖨 𝖺𝖼𝖼𝗈𝗎𝗇𝗍 𝗁𝖺𝗌 𝖻𝖾𝖾𝗇 𝗍𝖾𝗆𝗉𝗈𝗋𝖺𝗋𝗂𝗅𝗒 𝗋𝖾𝗌𝗍𝗋𝗂𝖼𝗍𝖾𝖽
𝖸𝗈𝗎𝗋 𝖯𝖺𝗒𝖯𝖺𝖨 𝖺𝖼𝖼𝗈𝗎𝗇𝗍 𝗁𝖺𝗌 𝖻𝖾𝖾𝗇 𝗅𝗂𝗆𝗂𝗍𝖾𝖽.pw9nKqy 𝖶𝖾 𝗁𝖺𝗏𝖾 𝖿𝗈𝗎𝗇𝖽 𝗌𝗎𝗌𝗉𝗂𝖼𝗂𝗈𝗎𝗌 𝖺𝖼𝗍𝗂𝗏𝗂𝗍𝗒 𝗈𝗇 𝗒𝗈𝗎𝗋 𝗅𝖺𝗌𝗍 𝗍𝗋𝖺𝗇𝗌𝖺𝖼𝗍𝗂𝗈𝗇.
ufDWk6O5
dfz3zvjcl 𝖠𝗍 𝗍𝗁𝗂𝗌 𝗍𝗂𝗆𝖾, 𝗒𝗈𝗎 𝗐𝗈𝗇'𝗍 𝖻𝖾 𝖺𝖻𝗅𝖾 𝗍𝗈 :
𝖲𝖾𝗇𝖽 𝖯𝖺𝗒𝗆𝖾𝗇𝗍
𝖶𝗂𝗍𝗁𝖽𝗋𝖺𝗐 𝖥𝗎𝗇𝖽𝗌
𝖫𝗈𝗀𝗂𝗇 𝗍𝗈 𝗒𝗈𝗎𝗋 𝖯𝖺𝗒𝖯𝖺𝖨 𝖺𝖼𝖼𝗈𝗎𝗇𝗍 𝖺𝗇𝖽 𝗍𝖺𝗄𝖾 𝗍𝗁𝖾 𝗌𝗍𝖾𝗉𝗌 𝗋𝖾𝗊𝗎𝖾𝗌𝗍𝖾𝖽.0fuaT0
𝖫𝗈𝗀 𝗂𝗇 𝗍𝗈 𝖯𝖺𝗒𝖯𝖺𝖨
𝖲𝗂𝗇𝖼𝖾𝗋𝖾𝗅𝗒,
𝖯𝖺𝗒𝖯𝖺𝖨 𝖲𝗎𝗉𝗉𝗈𝗋𝗍
It looks legit, except for the sending e-mail address. Of course, I did not click on the short cut button. Instead, I opened a new tab and logged in from there. My account is just fine, thank you very much. I've already forwarded the e-mail to spoof@paypal.com.
Please be aware of this scam!
NCjack
(10,279 posts)HAB911
(8,891 posts)they can get a great deal of info for the headers
Bev54
(10,052 posts)I tend to get one every other month and I have not had a paypal account since 2002. I also get one each month for Netflix, amazon and different banks. It is just a way of life these days, they all get deleted.
drray23
(7,627 posts)Those scammers rely on the fact than even if most people like you are not fooled, a few will. So they send millions of scam emails and scam a few hundreds.
NRaleighLiberal
(60,014 posts)they all go into the spam folder.
Fritz Walter
(4,291 posts)Some are automatically routed to my Spam folder (using Bombast/Yfinity's app or web-mail site). Others make it through to the Inbox.
In addition to checking the sender's email -- usually the dead-giveaway in a phishing scheme -- I occasionally get a message that appears to be genuine, until I let my mouse hover over the "click-here" link and then carefully examine the full address shown in the little box that appears, (usually adjacent to the mouse pointer). In the vast majority of cases, the URL does not point to the institution which the sender would have me believe is legit. Hint: look at the domain name: ___.com. Clearly, this is a good approach for desktop browsers; may not be too functional on portable devices. Nine times out of ten, it gets tossed.
I've almost given up on forwarding the phishing message to the bank/app-owner/alleged-sender's "abuse" or other security mailbox.
Stay sharp everyone. Let these predators feast on the MAGAts.
And, speaking of feasting, I wish everyone here a happy Turkey Day!
Mike 03
(16,616 posts)albacore
(2,398 posts)that said they need to update my email... or some shit like that. Looked VERY official.
The sender was sonnysing007@gmail.com
If that was legit, Comcast needs to make it clearer.
jmowreader
(50,557 posts)Which might work better if Comcast was actually in my area.
ProfessorGAC
(65,021 posts)Like the calls we get over an expiring extended car warranty we never had!
Yeah, that's probably not going to trip us up.
captain queeg
(10,195 posts)Or some generic I identified account. I guess its easy to send millions of those out. If you get a couple hundred bites could be profitable for the scammer.
Arkansas Granny
(31,516 posts)jmbar2
(4,886 posts)NFLX just announced a rate increase, so the spammers are capitalizing on the news to phish.
pandr32
(11,582 posts)...as well as others.
The tell is the address the message is sent from. The page looks official.
I have wondered how many people fall for these. I would bet there are many victims. This shit needs to be seriously cracked down on and perhaps public service announcements to warn innocent, gullible people who have learned to trust what looks real.
The dark arts for sure. I'd love to find out if this is state sponsored somewhere.
Midnight Writer
(21,762 posts)Wellstone ruled
(34,661 posts)First was a bogus call from a 801 area code and a 101 number which usually is a Caribbean Number,second was a e-mail that landed in our Spam Box.
Stallion
(6,474 posts)I get a bunch every day--I report them as phishing attempts but I doubt anybody really monitors reports
anybody know if reporting phishing attempts does a thing?
Faux pas
(14,672 posts)got one a few weeks ago, I sent it to PayPal spoof.
kskiska
(27,045 posts)They wanted your phone number and social security number.
Crunchy Frog
(26,582 posts)I checked my account the first time, but would never, EVER click on anything in the email. I wonder how many people have been taken by that scam.
shanti
(21,675 posts)I've gotten them too, along with similar from Amazon. Even got a phone call from someone trying to "deliver" a package to my "gated community" and needed the passcode to get in. Problem is, I don't live in a gated community and I didn't order anything from Amazon!
I just forward every phishing/spearphishing email to the appropriate spoof department.
ashredux
(2,605 posts)Drahthaardogs
(6,843 posts)Scammers
SCantiGOP
(13,869 posts)Netflix just announced a price increase. I got an email from them yesterday about the new price.
Response to Drahthaardogs (Reply #20)
SCantiGOP This message was self-deleted by its author.
yaesu
(8,020 posts)bucolic_frolic
(43,160 posts)unexplained how I got it.
just close paypal before it's too late. They can freeze your account or issue you with chargeback up to 180 days after a transaction.
don't know how there are so many people with stolen accounts, and where does the merchandise go? i doubt there's a system to find out. as long as they can get the money back from you, there's no reason to look.
just close paypal before it's too late.
Trailrider1951
(3,414 posts)I use it for contributions to DU, Actblue, personal gofundme solicitations, and some online purchases. I don't keep any cash there, and I really like not having my credit card number spread around. I'm sorry your experience has been less than optimal, but I think I'm going to keep my account. YMMV.
bucolic_frolic
(43,160 posts)I plan to close mine. I was amazed at the tales on Twitter #boycottpaypal One user claims to have been tied up on more than 80 grand since March I think it was.
I just think there must be other ways to pay ... I think Google has an app, I've heard of Venmo and several others.
The crooks have reached a level of sophistication and knowledge that they are able to game the system. It's all verbal and email.
Free merchandise on eBay ... ask for a return on low priced items ... most sellers won't absorb the return shipping, get a refund.
Some claim it's not as described. Claim they never got it. Oh it was delivered to their porch, someone stole it.
That's why with valuable merchandise, sellers require signatures. But even then there are cases of returns with damaged goods that don't match. For some reason the few I read were in UK.
i'm skeptical of managed payments, all CC transactions. That's a potential mine field.
I think there are sites that don't allow returns, and only use merchant accounts.
birdographer
(1,327 posts)They look so real, I know that there are people out there that believe them and follow the instructions and most likely get robbed blind. I feel sorry for them.
TheBlackAdder
(28,193 posts).
I've been getting PayPal, FedEx, UPS, Amazon.
If you open up the email payload, most often they originate from AWS (Amazon Web Services).
The majority of scam sites and redirect emails are from Amazon free and $1 subscription accounts.
You report them, and a day later they are running under a different AWS account.
Get the originator IP address, from the email details, open a command prompt and enter as example: nslookup xxx.xxx.xxx.xxx. This will give you the host name and most probably there will be a virtual AWS server name.
.
William Seger
(10,778 posts)That's a virus that encrypts your hard drive and demands a ransom to unlock it. If you ever get one of those installed, do NOT make it worse by paying the ransom; you won't be getting your system back either way.
bucolic_frolic
(43,160 posts)either via USB, Drop Box, or another hard drive.
And have backup recover/install disks, or use Linux which is readily reinstalled. It's a hassle to set it all up again, but with backups and the original install DVD/USB, it can be completed in a matter of a few hours. One evening.
James48
(4,436 posts)PayPaI, with a capital I .
Never believe PayPal emails that you didnt request.
SnowCritter
(810 posts)And I don't have a paypal account.
Joinfortmill
(14,419 posts)meow2u3
(24,761 posts)Then I send it to my spam box and delete it permanently.
I got one of those spoof emails in my inbox this morning. Just check the sender's email and/or the full header on your email. It's not from paypal unless both apply: the sender's email is paypal.com AND you're addressed by name.
leighbythesea2
(1,200 posts)From them.
Also didnt click.
But it's disconcerting.
crimycarny
(1,351 posts)Apparently anyone with a PayPal account can send you an invoice. I got an email from legit PayPal that said The Department of Motor Vehicles sent you an invoice for $16.00. Click here to pay.
At first I thought it might be legit, but logged into my PayPal account to get more info. There was an invoice for $16 sitting there waiting for me to pay. But digging into the senders PayPal I noticed it belonged to Nicole Bailey. I looked at my email again and saw a graphic included in the alleged invoice that was DMV*USA. I reported it to PayPal and they shut down the PayPal account. I posted a warning on FB and a friend posted she got the same PayPal email, also allegedly from The Department of Motor Vehicles, but in her case the owner was a different name (Sandy something). Which tells me someone created a lot of fake PayPal accounts and sent out a ton of these invoices.
It was a good heads up that ANYONE can send you an invoice. So watch out for that as well.
keithbvadu2
(36,796 posts)I get a lot of them offering $50,000 for filling out a survey.
Lucky me!
Home Depot, banks, Fed Ex, post office, many others.
All bs.
As if the post office has money to spend like that on surveys.
yellowwoodII
(616 posts)I've forwarded all of them to the company and they have responded.
I'd like to know why this illegal activity isn't prosecuted.
marble falls
(57,081 posts)When I get any of these (and the PayPal one has tried me three or four times) I go to PayPal through my account to check and change my password.
I had an Amazon phisher about three months ago that had an almost believable address, too.
Then there were several attempts to blackmail me for Bitcoin by several who claimed they had taken control of my camera and contact list and were going to send videos of me "reacting" to porn sites to everyone I e-mail.
Neat trick: I don't use porn sites, I do not keep a contact list and the tape over my camera is never removed.
The porn thing started after I clicked what was supposed to be a site (listed on Pinterest) on a natural wines, and I was fooled enough to list my e-mail. When I tried to explore the site, none of the options in the header worked and I got out fast. I disconnected from Pinterest. There were a lot of links there that wouldn't work or didn't work right.
The net is one place where vigilance is required.
Shoonra
(521 posts)I get a lot of these scam messages, not just from Paypal (I do not have an account) but pretending to be from a variety of big companies that lots of people would do business with; for example, Chase Bank, Bank of America, American Express, Amazon, etc.
The scammers are playing the odds that some recipients will be clients of the pretended source and fall for the "your account is frozen" message. The artwork is impressive and authentic looking, but sometimes the proofreading of the message is defective.
The offered link back to the company is also fake and sends you to the scammer's phishing questionnaire where they will want your name, account number, possibly your SSN, and maybe instruct you to send money (online or maybe by snailmail) someplace (not to the pretended company's real office address).
Usually these scam emails do not address you by your real name nor even by your email handle. Ignore these messages, do not even click the link. If you had a real problem with the real company, the real company would address you by your proper name and possibly include your snailmail address or some other authentic personal info to show they really have you as a customer.
George II
(67,782 posts)I keep getting emails saying my "account" is suspended, except that it's for a bank or organization with which I do NOT have an account!
Rebl2
(13,501 posts)and I get these often. I get them from PayPal and Amazon. My husband gets them from Amazon and Wells Fargo bank-we dont have an account at Wells Fargo.
Hulk
(6,699 posts)I did the same thing.... didn't bother to click on their tab rather went straight to my Paypal account.
I'm getting the same notices for Amazon.
Chainfire
(17,537 posts)I only open my email about once a month....
housecat
(3,121 posts)Well I didn't expect my first reply at DU would be this, but then who expected the last four years? i got one from Amazon -- well not exactly FROM Amazon. I called customer service and got a scammer who told me my account had been compromised. You can fill in the rest. Miraculously I didn't send any money, which I was almost stupid enough to do. And I did contact FTC for what it's worth.
So have a safe and happy Thanksgiving y'all. I've been wanting to join some of the discussions, so may my second attempt at least have some humor, and keep my occasional bouts of stupidity to myself.
Peace
Trailrider1951
(3,414 posts)You're among friends.
housecat
(3,121 posts)klook
(12,154 posts)If you've been lurking for a bit, you have an idea of what this board is like. It's a great place to interact with (mostly) like-minded people, and there are many forums and groups that you might want to explore. It can be addictive and sometimes maddening, like any discussion board, but on the whole my experiences here have been very positive.
Pro Tip: I often start with "Latest Threads" to see what's percolating and current, but I also like to go to the Home page to get an overview -- and to see EarlG's excellent "Pic of the Moment" posts. You may find a different entry point that works better for you.
Enjoy, and I look forward to your future posts.
housecat
(3,121 posts)Ok this is my second response to a response, and I'm feeling accomplished. Thanks for the tips!
DesertRat
(27,995 posts)housecat
(3,121 posts)Thanks for the warm welcome. This is going to be fun
klook
(12,154 posts)If I receive spam or phishing attempts to an address, I can tell exactly where the perps got it from, and I can delete or change that address and alert the vendor that apparently got hacked. I do have a PayPal account, and it's linked to a disposable email address that I don't use anywhere else, and that forwards to a real one that I don't publish.
I also make payments with a credit card via PayPal, not bank account funds transfer. That way if I need to cancel a fraudulent credit card transaction, I can easily contact the card provider. I've only had to do that a couple of times in my life, but it's nice to know I can if need be.
Smart of you to recognize this and handle it the way you did. I worry that as I get older my defenses will weaken, and that's one of the reasons I've put barriers around my real email addresses and real financial account information.
OMGWTF
(3,955 posts)Here is a list of the eight most-frequently spoofed company emails that I get, along with the email address to forward it to the company's IT fraud dept. so they can shut down these rat bastards. If I'm in a pissy mood, I'll wait a day until after the real company gets the fake email to start an investigation and then send the criminal an email telling them that they will die in prison.
PayPal - spoof@paypal.com.
Apple - report phishing@apple.com
Amazon - stop-spoofing@amazon.com
Netflix - phishing @netflix.com
Ebay - spoof@ebay
American Express - spoof@americanexpress.com
Chase Bank - abuse@chase.com
USPS - spam@usps.gov
IrishEyes
(3,275 posts)I never use PayPal or order from Amazon. I don't order online very often. I also have never had a Netflix account.
lillypaddle
(9,580 posts)that I had logged into a fake website, and while the threat was blocked and removed, 6 of my accounts' passwords were compromised. Paypal was one of them. I changed my passwords on the said accounts, except for Paypal, which I really don't use. I cancelled the account there.
So, I don't know, maybe it's a coincidence, but be sure it really was a fake email. YMMV.
Dem2
(8,168 posts)Usually on an account that isn't affiliated with the account that's targeted. Or with a bank that I have no account.
And yes, the Paypal ones that give one a temporary BP spike.