Author Topic: Paypal Fraud warning  (Read 4357 times)

Exflyboy

  • Walrus Stache
  • *******
  • Posts: 8686
  • Age: 63
  • Location: Corvallis, Oregon
  • Expat Brit living in the New World..:)
Paypal Fraud warning
« on: December 01, 2016, 12:18:36 PM »
I got an email today from PP saying my account was limited.. click on this link

So I did and it loots like an exact copy of my PP account when I "logged in",.. Then it said to put in all my details like social security number etc.

Naturally got out of there, went through the regular PP site and sure enough my account is fine.

So I closed the PP account as the bastards now had my log in information.

It looked VERY convincing!!!

SpreadsheetMan

  • Bristles
  • ***
  • Posts: 431
Re: Paypal Fraud warning
« Reply #1 on: December 01, 2016, 02:14:08 PM »
I must get 5-6 of those every week along with lots of other phishing emails. I'm pretty wary though, I never follow links in emails.

Had you used that login and password anywhere else? That's the danger now.


Rotax

  • 5 O'Clock Shadow
  • *
  • Posts: 38
  • Location: Phoenix Az
    • Suburbantoolbox.com
Re: Paypal Fraud warning
« Reply #2 on: December 01, 2016, 02:21:38 PM »
I just overcame an 8 month streak of lusting after the new Milwaukee soft close roller bearing tool box. It costs $700 and took all of my will power to talk the rational side of my brain into agreeing that my wood cabinets and storage shelves work just fine but just don't look as cool because they aren't Milwaukee red.

robartsd

  • Magnum Stache
  • ******
  • Posts: 3342
  • Location: Sacramento, CA
Re: Paypal Fraud warning
« Reply #3 on: December 01, 2016, 02:22:23 PM »
The only time I click on a link from a financial site is in the "confirm your email address" message. Any other time I need to visit the site, I enter the site name in my browser directly.

Sibley

  • Walrus Stache
  • *******
  • Posts: 7890
  • Location: Northwest Indiana
Re: Paypal Fraud warning
« Reply #4 on: December 01, 2016, 02:32:02 PM »
Rule #1 is don't click on links in the email! Go to the actual website.

Run antivirus, just in case.

Exflyboy

  • Walrus Stache
  • *******
  • Posts: 8686
  • Age: 63
  • Location: Corvallis, Oregon
  • Expat Brit living in the New World..:)
Re: Paypal Fraud warning
« Reply #5 on: December 01, 2016, 02:35:14 PM »
Password was unique to PP so no problems there.

I also run a Chromebook with a pass word encriptor for all my finance stuff so I think I am pretty secure

Grogounet

  • Bristles
  • ***
  • Posts: 264
  • Location: Australia
    • http://www.quest2independence.com
Re: Paypal Fraud warning
« Reply #6 on: December 04, 2016, 12:14:45 AM »
Rule #1 is don't click on links in the email! Go to the actual website.

Run antivirus, just in case.

Unfortunately, an antivirus is pretty much useless against phishing emails.
The best way to detect is to check the email address, the second to go onto the website directly.
These attacks are more and more sophisticated and harder to detect.

https://krebsonsecurity.com/
This is a good resource to learn about the scary world of cyber crime.

arebelspy

  • Administrator
  • Senior Mustachian
  • *****
  • Posts: 28468
  • Age: -997
  • Location: Seattle, WA
Re: Paypal Fraud warning
« Reply #7 on: December 04, 2016, 01:51:06 AM »
So I did and it loots like an exact copy of my PP account when I "logged in",.. Then it said to put in all my details like social security number etc.

Common phishing scam.  No need to close the account, just change the password.

You're lucky they made it suspicious (asking for SSN) after getting your info.. had they stopped with the login info, said "Thank you for confirming, your account is now unlocked.  For security you are being logged out." and redirected you to the normal paypal logout screen, you may have never realized.

Lucky also you knew not to put in SSN--good for you!

Password was unique to PP so no problems there.

I also run a Chromebook with a pass word encriptor for all my finance stuff so I think I am pretty secure

Both of these are smart.  Kudos.
I am a former teacher who accumulated a bunch of real estate, retired at 29, spent some time traveling the world full time and am now settled with three kids.
If you want to know more about me, this Business Insider profile tells the story pretty well.
I (rarely) blog at AdventuringAlong.com. Check out the Now page to see what I'm up to currently.

plainjane

  • Handlebar Stache
  • *****
  • Posts: 1645
Re: Paypal Fraud warning
« Reply #8 on: December 04, 2016, 05:22:55 AM »
Rule #1 is don't click on links in the email! Go to the actual website.
Run antivirus, just in case.
Unfortunately, an antivirus is pretty much useless against phishing emails.

But a very good idea if you click on a link by mistake?

Exflyboy

  • Walrus Stache
  • *******
  • Posts: 8686
  • Age: 63
  • Location: Corvallis, Oregon
  • Expat Brit living in the New World..:)
Re: Paypal Fraud warning
« Reply #9 on: December 04, 2016, 10:50:04 AM »
So I did and it loots like an exact copy of my PP account when I "logged in",.. Then it said to put in all my details like social security number etc.

Common phishing scam.  No need to close the account, just change the password.

You're lucky they made it suspicious (asking for SSN) after getting your info.. had they stopped with the login info, said "Thank you for confirming, your account is now unlocked.  For security you are being logged out." and redirected you to the normal paypal logout screen, you may have never realized.

Lucky also you knew not to put in SSN--good for you!

Password was unique to PP so no problems there.

I also run a Chromebook with a pass word encriptor for all my finance stuff so I think I am pretty secure

Both of these are smart.  Kudos.

Yeah I realised I had screwed up as soon as I "logged on". So in this case the "thankyou for confirming" would not have worked, but your right it was a close run thing.

As I didn't need the PP account anyway and it had a pipe to the contents of my bank account and CC I immediately closed the account, cleared the history on the Chromebook, signed out and shutdown.

If it did have a virus, well it would have had to have been awfully quick to load it before I got out of there plus I understand that its kind of hard to get a virus on a Chromebook (most viruses are probably built for windows/macbook platforms I assume).

I have checked my bank and CC balances and there are no fraudulent payments so far at least.

ToTheMoon

  • CM*TO 2024 Attendees
  • Pencil Stache
  • *
  • Posts: 846
  • Location: BC
Re: Paypal Fraud warning
« Reply #10 on: December 04, 2016, 12:33:04 PM »

I also run a Chromebook with a pass word encriptor for all my finance stuff so I think I am pretty secure

What do you use for your password encription?

Thanks

Exflyboy

  • Walrus Stache
  • *******
  • Posts: 8686
  • Age: 63
  • Location: Corvallis, Oregon
  • Expat Brit living in the New World..:)
Re: Paypal Fraud warning
« Reply #11 on: December 04, 2016, 02:23:01 PM »

I also run a Chromebook with a pass word encriptor for all my finance stuff so I think I am pretty secure

What do you use for your password encription?

Thanks

I use lastpass.com

ghsebldr

  • 5 O'Clock Shadow
  • *
  • Posts: 42
    • stevesgreenhouses
Re: Paypal Fraud warning
« Reply #12 on: December 04, 2016, 08:31:24 PM »
I had the same experience with my Square account. Email from Square said I had a $1600 something chargeback which was close to a sale from the week before so I of course clicked through immediately. Realized that it a fishing scam when my account info wouldn't load and changed my passwords across the board within a few minutes.
Called Square on Monday (they're closed weekends, really?) they confirmed that this was common to their customers.
 Thanks for the heads up Square. They send out endless bullshit sales opportunities on a daily basis, but lets not let bother to let our users know there is a pfishing epidemic going on with their accounts.

SpreadsheetMan

  • Bristles
  • ***
  • Posts: 431
Re: Paypal Fraud warning
« Reply #13 on: December 07, 2016, 12:14:02 AM »
Paypal really don't help themselves.

I had a very convincing email yesterday that appeared to be from Paypal, but there was a login button that linked to "epl.paypal-communication.com". Now there is no way on earth I will click on that, but I was curious so went digging using whois to see who owns that domain and it does appear that Paypal Inc, San Jose CA owns it. So this could be genuine.

However; Paypal are basically contravening all anti-phishing advice by using a non- paypal.com domain and including a "log-in" button in an email. Duh!

They have also left all the scamming back doors wide open by not owning .paypal-communication.org, .paypal-communication.net etc. - these are all open for purchase.

Poor effort by them.


AZDude

  • Handlebar Stache
  • *****
  • Posts: 1296
Re: Paypal Fraud warning
« Reply #14 on: December 07, 2016, 09:14:10 AM »
Rule #1 is don't click on links in the email! Go to the actual website.

Yep. Always, always, always.