View Full Version : PayPal Scam


Vic Davis
05-15-2007, 02:01 PM
Just a heads up to everybody. I got a creepily well written PayPal scam mail saying that a foreigner had accessed my PayPal account and I needed to follow the link to confirm my account info or it would be suspended. Like I said, it is a cut above your average scam. So watch out. Here is the text:

Security Center

128-bit encryption

At PayPal, we want to increase your security and comfort level with every transaction. From our Buyer and Seller Protection Policies to our Verification and Reputation systems, we'll help to keep you safe.

We recently noticed an attempt to log in to your PayPal account from France, a foreign IP address and we have reason to believe that your account was used by a third party without your authorization.

If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. Therefore, if you are the rightful account holder, click on the link below to log into your account and follow the instructions.


https://www.paypal.com/cgi-bin/webscr?cmd=_login-run [This went to the scam URL]


If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.

If you received this notice and you are not the authorized account holder, please be aware th at it is in violation of PayPal policy to represent oneself as another PayPal user. Such action may also be in violation of local, national, and/or international law. PayPal is committed to assist law enforcement with any inquires related to attempts to misappropriate personal information with the intent to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that impersonators are prosecuted to the fullest extent of the law.

Thank you for your patience as we work together to protect your account.

Sincerely,
PayPal Account Review Department
PayPal, an eBay Company



--------------------------------------------------------------------------------
*Please do not respond to this e-mail as your reply will not be received

nKoan
05-15-2007, 02:07 PM
What part is a cut-above your normal scam?

Stroker Ace
05-15-2007, 02:10 PM
words words words

click here to type in your sensitive information

words words words

charmtrap
05-15-2007, 02:12 PM
I think the line:

"If you choose to ignore our request, you leave us no choice but to temporarily suspend your account."

would have tipped me off, if nothing else did. Outside of maybe collection agencies and cease and desist letters, companies don't usually use that kind of language with their customers.

Vic Davis
05-15-2007, 02:17 PM
What part is a cut-above your normal scam?

Greetings,
My name is Abalawama Kenobi and I represent the centril bank of Nigeria. We are allocating agents for disburments of monies that amount to $12 Million. To help us you will reciecve prossesing fee. Please provdie bank info here.

Morkilus
05-15-2007, 02:27 PM
These have been going around since Paypal existed in pretty much the same form.

Bill Dungsroman
05-15-2007, 02:28 PM
words words words

click here to type in your sensitive information

words words words
I LOL'ed. It all pretty much boils down to that.

Ben Sones
05-15-2007, 02:34 PM
Paypal will never, ever ask you to follow an inline link to get to your account. Not ever. If they send you an account related email, they may tell you to go do something to your account, but they'll let you get there on your own. Any Paypal (or eBay, or whatever) email with a link to your account is a scam. Period.

Stroker Ace
05-15-2007, 02:36 PM
I LOL'ed. It all pretty much boils down to that.
It sounds silly when boiled down like that, but anyone can fall for a con when their guard is down. Once I had someone cold-call me to sell me student loan consolidation (not uncommon at this point in my life) and then started asking me all sorts of questions like "how much do you owe, what rate are you paying", etc etc. I was happily telling them everything they wanted to know while House was paused until my wife slapped me and hung up.

/shrug

In my case it probably wasn't a completely malicious scam, but there's still no reason for me to have shared my debt information with a cold-calling loan shark.

nKoan
05-15-2007, 02:38 PM
Greetings,
My name is Abalawama Kenobi and I represent the centril bank of Nigeria. We are allocating agents for disburments of monies that amount to $12 Million. To help us you will reciecve prossesing fee. Please provdie bank info here.

Okay.

Perhaps I should clarify. What about the original post is more than a cut-above the standard PayPal scam? It looks like your run of the mill PayPal scam to me.

bigdruid
05-15-2007, 02:57 PM
I remember my shock and outrage when I received *my* first PayPal scam email... in 2001.

Edit: Don't you see, nKoan - the link said "https://www.paypal.com" but it secretly took you to a scam site!

walTer
05-15-2007, 02:58 PM
Hey! That is the same guy that said my family died in his country - he owes me 10 million dollars!!!!!

Jakub
05-15-2007, 03:31 PM
Come now, let's be civilized.

I'm sure some people out there weren't aware.

mystery
05-15-2007, 03:33 PM
Come now, let's be civilized.

I'm sure some people out there weren't aware.

Yes, and those people should be put down.

Bill Dungsroman
05-15-2007, 03:55 PM
Yes, and those people should be put down.
I could call them all fags!

barstein
05-15-2007, 04:12 PM
Paypal will never, ever ask you to follow an inline link to get to your account. Not ever. If they send you an account related email, they may tell you to go do something to your account, but they'll let you get there on your own. Any Paypal (or eBay, or whatever) email with a link to your account is a scam. Period.
You know, I used to know this to be true, until I read about (or received?) a PayPal newsletter that contained html links to their site and thus contradicting everything we've all been trying to teach our naive relatives about email scams. Unfortunately, I can't seem to locate anything now so maybe I made this up. I thought I read about it over at Dan's Data.

nKoan
05-15-2007, 04:14 PM
You know, I used to know this to be true, until I read about (or received?) a PayPal newsletter that contained html links to their site and thus contradicting everything we've all been trying to teach our naive relatives about email scams. Unfortunately, I can't seem to locate anything now so maybe I made this up. I thought I read about it over at Dan's Data.

Or it was a fake PayPal newsletter.

dun, dun, dUUUUUUUNNN!!!!

Bullhajj
05-15-2007, 04:21 PM
The link in the OP goes to the paypal site. Where's the scam?

Igor Muravyev
05-15-2007, 04:23 PM
This is why you use an email agent that doesn't hide the real URL, or you use a browser for your webmail that doesn't hide the real URL.. such as Thunderbird and Firefox.

The lack of the "www.paypal.com" in the actual URL will tip you off.

barstein
05-15-2007, 04:23 PM
Or it was a fake PayPal newsletter.

dun, dun, dUUUUUUUNNN!!!!
Hah, but no. I'm fairly certain it was not in my own Inbox, if not for the fact that I can't find the original blog entry I thought I'd seen. And yes, the invasion of html into email is a big part of the problem.

Fugitive
05-15-2007, 04:41 PM
The link in the OP goes to the paypal site. Where's the scam?
That's just the forum software helpfully converting the displayed URL, not the real one. In the e-mail it would actually appear as something like:

http://www.paypal.com/ (http://www.inurdomain.zomg/steelinuraccount)

Potentially plus some tricks that try to hide the real URL. There was one example that prevented the real URL from showing up on the status bar by using a ton of spaces to push it past the edge of the window.
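An added example, not part of any post in this thread: a small Python check for the link tricks described above, namely visible text that names one host while the href points at another, an href whose host is a bare IP address, and an href padded with a long run of spaces. The function names and reason labels are this example's own, the sample markup is constructed (203.0.113.7 is a documentation address), and the host comparison is deliberately strict, so "paypal.com" shown over a "www.paypal.com" link is also flagged.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Hostname written out in the visible link text, with or without a scheme.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
PADDING = re.compile(r"(?:\s|%20){20,}")  # long run of spaces inside the href

def is_ip(host):
    try:
        return bool(ipaddress.ip_address(host))
    except ValueError:
        return False

class LinkAuditor(HTMLParser):  # collects (shown_text, href, reasons)
    def __init__(self):
        super().__init__()
        self.href, self.text, self.findings = None, [], []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag != "a" or self.href is None:
            return
        shown = "".join(self.text).strip()
        target = (urlsplit(self.href).hostname or "").lower()
        named = HOST_IN_TEXT.search(shown)
        reasons = [name for name, hit in (
            ("text-host-mismatch", bool(named) and named.group(1).lower() != target),
            ("ip-literal-host", is_ip(target)),
            ("whitespace-padding", bool(PADDING.search(self.href))),
        ) if hit]
        if reasons:
            self.findings.append((shown, self.href, reasons))
        self.href = None

def audit(html):
    parser = LinkAuditor()
    parser.feed(html)
    return parser.findings

SAMPLE = (  # constructed markup, not the e-mail quoted in the thread
    '<a href="http://203.0.113.7/~u/login">https://www.paypal.com/cgi-bin/webscr</a>'
    '<a href="https://www.paypal.com/">https://www.paypal.com/</a>'
)
```

Calling `audit(SAMPLE)` reports only the first link; the second, where the text and the target agree, passes.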

Vic Davis
05-15-2007, 04:55 PM
Okay.

Perhaps I should clarify. What about the original post is more than a cut-above the standard PayPal scam? It looks like your run of the mill PayPal scam to me.

I just wanted to warn friends. It's not a revolution in social engineering but I thought it was a pretty good pitch and the grammar was almost completely professional. It's probably not unusual. I mostly get offers to buy viagra, enlarge my penis and invest in hot penny stocks so this one was new to me. It's funny because a few days before I got a legitimate email from USAA saying my account had not been accessed in a while and I need to click here to reactivate it. I was dubious so I called customer service and it turns out it was legitimate. I gave them an earful for such a stupid process. Next day I get this from the PayPal scammer. Plus, hell a lot of you computer and video game nerds are really smart but lacking in common sense so I thought I'd help you out. No good deed goes unpunished. :)

Demon G Sides
05-15-2007, 04:58 PM
I just wanted to warn friends. It's not a revolution in social engineering but I thought it was a pretty good pitch and the grammar was almost completely professional. It's probably not unusual. I mostly get offers to buy viagra, enlarge my penis and invest in hot penny stocks so this one was new to me. It's funny because a few days before I got a legitimate email from USAA saying my account had not been accessed in a while and I need to click here to reactivate it. I was dubious so I called customer service and it turns out it was legitimate. I gave them an earful for such a stupid process. Next day I get this from the PayPal scammer. Plus, hell a lot of you computer and video game nerds are really smart but lacking in common sense so I thought I'd help you out. No good deed goes unpunished. :)

I'd take offense at that last comment, but I just accidentally yelled "FUCK" at the top of my lungs in my little suburbia.

Not a good idea.

Machfive
05-15-2007, 05:45 PM
Anyone who's not a moron knows that legitimate paypal emails contain your ACTUAL NAME. The fact it says "Dear Paypal" user is a tip-off that might as well say "Dear Sucker."

scharmers
05-15-2007, 06:04 PM
Hmmm. Funny, there's this link here that says "http://www.paypal.com", but if I right click on it, the target properties read "167.55.67.33/~mwu/escargot/36af7ec880xA/paypalscam.aspx".

I better click on it and provide the website my most secret, personal information, just so that my paypal account isn't closed.

nKoan
05-15-2007, 06:04 PM
I just wanted to warn friends. It's not a revolution in social engineering but I thought it was a pretty good pitch and the grammar was almost completely professional. It's probably not unusual. I mostly get offers to buy viagra, enlarge my penis and invest in hot penny stocks so this one was new to me. It's funny because a few days before I got a legitimate email from USAA saying my account had not been accessed in a while and I need to click here to reactivate it. I was dubious so I called customer service and it turns out it was legitimate. I gave them an earful for such a stupid process. Next day I get this from the PayPal scammer. Plus, hell a lot of you computer and video game nerds are really smart but lacking in common sense so I thought I'd help you out. No good deed goes unpunished. :)

Well, at least your heart's in the right place. I just found the alarmist nature of the OP to be funny at what seems like such a commonplace scam.

I guess you should count yourself lucky if this is the first one you've gotten.

tromik
05-15-2007, 06:06 PM
Ok, the URL in the e-mail was https://www.paypal.com/cgi-bin/webscr?cmd=_login-run but where did it actually go?

Vic Davis
05-15-2007, 07:23 PM
Well, at least your heart's in the right place. I just found the alarmist nature of the OP to be funny at what seems like such a commonplace scam.

I guess you should count yourself lucky if this is the first one you've gotten.

Yeah, but on the other hand with all the other junk email I have gotten I am always rock hard, 10 inches with amazing girth and a millionaire off of penny stocks.....so life's not that bad.

shift6
05-15-2007, 09:06 PM
I have a separate contact e-mail for my bank, credit cards, and paypal type accounts. I don't use it for anything else. It is not an easily guessed name@domain.com, either. Any bank/paypal/etc. e-mails I get at my regular addys are instantly shit-canned. Ef 'em. Plus I log in to all of my bank/cc/paypal accounts once a month to manually work over my finances and check for shady stuff, so it's all good.