Thursday, April 21, 2011

Fraud Alert: Read this if you have a PayPal Account

By Maurice Lacunza
PayPal customers get targeted frequently by cold-hearted thief's who want to take your money. Last month I had someone in Singapore trying to buy an $850 dollar phone with my account. They somehow got the password! How did that happen? Apparently I used the same password for years with a variety of accounts. Perhaps they got one of those mailing lists that was hacked from the banks or other institutions. Maybe it was from a social network. Maybe it is because my password was weak...letters without any numbers or characters. I changed EVERY password I have to something strong. I use letters, caps, numbers, and, symbols. So far, so good.

Today I received an email from what appears to be PayPal. They announce the new "enhanced account statement" that I can use immediately by agreeing to the Terms and Conditions. I can also "complain" by clicking the complaint button. Oh so very tricky! I found an older email in my archives from PayPal that was an "Annual Policy Review Contract" to let me know every year what PayPal does with my account. I hit reply and what do you know? The address is "reply1 at info dot Paypal dot com." PayPal does not send out annual reviews. Another clever fraudulent attempt to get me to click on the links and unwittingly give up my information.

The problem is that every click is a link to the bad guys website. Click it on and be doomed. How do you know if the real deal is from PayPal? I talked to PayPal and they said that if you click the reply button you will see where the email is actually going. I did that and my email was getting directed to reply1 @ info . paypal.  The clever Resolution button was getting directed to "email0"  The real Paypal would be "service at PayPal."

PayPal doesn't send emails asking for your information. So be smart. Question any email you receive that you did not solicit. Check the reply button and you should be able to discern if it is legitimate. 

2 comments:

  1. good to know super sleuthing to the fraud rescue

    ReplyDelete
  2. To Anonymous: consider it a public service. Fraud sucks and they never cease to try.

    ReplyDelete