Pages

Wednesday 12 May 2021

Day 422 of self-isolation - Paypal scam

Paypal scam

 Subject: Please provide your missing account information by 9 July 2021 


Hi [My full name],  
 
Please provide your missing account information
 
 
Please send it by 9 July 2021.
 
 
It looks like we're missing some information for your account. To comply with applicable laws, we need to collect certain information from
you to help make the PayPal community as secure as possible.

So I checked the email header.

Received: from mx1.slc.paypal.com (mx0.slc.paypal.com [173.0.84.225])   by
 mail.[mymailserver.com]

Therefore, it came from the paypal.com domain. So it all looks legitimate.

But then I contacted Paypal, using their messaging system, and they told me that unless it came from service@paypal.co.uk or service@paypal.com, then it isn't from them.

Which leaves me in doubt. The "From" address was service@paypal.co.uk, but we all know that the from-address is easy to spoof, it's the "Received: from" that tells the truth. And that says it's from a paypal subdomain.

So I don't have confidence that the person on the messaging system understood the problem, I don't have confidence that Paypal understands it's own system.

 Here's the message that I got from the Paypal messaging system.

 

 

Good day. Welcome to PayPal Messaging, my name is Renelyn. I understand how important for you to know if the email was from PayPal.
I've reviewed your account and it shows that the email you received was not from PayPal. We didn't send any email to you regarding missing information.
The email address mx1.slc.paypal.com is not from PayPal.
For future your future reference I've included the guidelines below on how a legitimate email from PayPal looks like. This might be long but I want to make sure that you will be able to get all the details.
You will know that an email is not from PayPal when:
• The email uses a generic greeting like 'Dear user' or 'Hello, PayPal member’. We always address you by your first name and last name or the business name on your PayPal account.
• The email requests financial and other personal information. For example, an email from PayPal never asks for the numbers of your bank account, debit or credit card, or driving licence. We also do not request your email addresses, your full name, your account password, or the answers to your PayPal security questions.
• The email includes an attachment, a software update to install on your computer.
• Never ask you for money in an email, and we will never ask you to send money through Western Union, MoneyGram or any other third party money transfer service.
• The email address that we are using in sending emails or notifications are service@paypal.com or service@paypal.co.uk alone nothing more nothing less.
• If you are viewing the email in your mobile device, long press your finger on the email address of the sender and the real email address of the sender will appear.
• If you are viewing the email using your desktop or computer, just hover or point your mouse on the email address that the sender used and the real email address of the sender will appear.
Here are some security tips below to help you stay protected online:
• Never provide the tracking number of a posted item before receiving payment into your PayPal account
• Never give your PayPal password to anyone
• We'll never ask you for financial details via email.
• When using the PayPal, always ensure that the URL address listed at the top of the browser displays as https://www.paypal.com. The 's' ensures that the website is secure.
• Even if the URL contains the word 'PayPal', it may not be a PayPal webpage.
• Look for the 'lock' symbol that appears in the address bar. This symbol indicates that the site you are visiting is secure.
• You can always see your payment when you log into your PayPal account. If you receive an email saying that you've received a payment, always log in to your PayPal account at www.paypal.com (do not click on any links in the email) and check your account balance there.
Kindly send the email to spoof@paypal.co.uk so that our Fraud Prevention Team can investigate the origin of the email and ensure that the people and the related site will get shut down.
Don't forget to delete this from your email after forwarding to ensure that you will not be attempted to entertain this in the future.
Rest assured, Your PayPal account is secured and protected.
Thank you for contacting PayPal and for being a valued customer. If you have no further questions, please close this conversation. You can close this conversation by selecting End Conversation or by clicking the X". If you respond to this message, another agent will follow up with you.


So I've forwarded the email to spoof@paypal.co.uk.

There is nothing under "Account notifications" to click on or follow, so really, that's all I can do. And they said in the message above, that they sent me nothing.

If Paypal terminates service on 9 July 2021, I'll contact them further. But at this point in time, I'm taking no action.




No comments:

Post a Comment