Clever new Paypal scam

[Biggerhammer]

I just got this reasonably sophisticated scam attempt:

Dear PayPal member,

This email confirms that you have paid LUXURYWATCHESINC
(sales@luxurywatchesinc.com) $190.85 USD using PayPal.

(etc)

followed by a nice little link saying:

If you haven't authorized this charge, click the link below
to cancel the payment and get a full refund.

Dispute Transaction

That handy link leads to zj254.internetdsl.tpnet.pl

The English was excellent. The return address was effectively spoofed. The fonts and styles were right on. The only real red flag was that it did not use my name (just Dear PayPal member). This isn't just another script kiddie.

Be careful out there.

 

[RossMAN]

Whenever I receive an email from Paypal/eBay/CitiBank/etc whether it's real or not I NEVER click the link.

I always manually go to www.paypal.com

 

[alkemyst]

Originally posted by: RossMAN
Whenever I receive an email from Paypal/eBay/CitiBank/etc whether it's real or not I NEVER click the link.

I always manually go to www.paypal.com

Exactly...whenever you get any email from a site you are doing business with, skip the links and go to them then login.

If they have a message for you, you will get it at login.

Some CitiBank ones are very well done and designed to attack those who have english as a second language.

 

[olds]

Totally n00bular.

 

[halik]

Originally posted by: Biggerhammer
I just got this reasonably sophisticated scam attempt:

Dear PayPal member,

This email confirms that you have paid LUXURYWATCHESINC
(sales@luxurywatchesinc.com) $190.85 USD using PayPal.

(etc)

followed by a nice little link saying:

If you haven't authorized this charge, click the link below
to cancel the payment and get a full refund.

Dispute Transaction

That handy link leads to zj254.internetdsl.tpnet.pl

The English was excellent. The return address was effectively spoofed. The fonts and styles were right on. The only real red flag was that it did not use my name (just Dear PayPal member). This isn't just another script kiddie.

Be careful out there.

Except paypal never sends email saying "Click here to cancel the payment you jsut sent". As a matter of fact, cancelling a payment you sent already is a huge PITA

 

[Fraggable]

Originally posted by: halik

Originally posted by: Biggerhammer
I just got this reasonably sophisticated scam attempt:

Dear PayPal member,

This email confirms that you have paid LUXURYWATCHESINC
(sales@luxurywatchesinc.com) $190.85 USD using PayPal.

(etc)

followed by a nice little link saying:

If you haven't authorized this charge, click the link below
to cancel the payment and get a full refund.

Dispute Transaction

That handy link leads to zj254.internetdsl.tpnet.pl

The English was excellent. The return address was effectively spoofed. The fonts and styles were right on. The only real red flag was that it did not use my name (just Dear PayPal member). This isn't just another script kiddie.

Be careful out there.

Except paypal never sends email saying "Click here to cancel the payment you jsut sent". As a matter of fact, cancelling a payment you sent already is a huge PITA

It's not always that hard, I was able to get some money refunded to me within 7 days the one time I needed to. But it is true that Paypal doesn't really send emails saying 'click here to dispute the transaction'. Why would they?

If you don't know not to click links and open attachments in unexpected and un-self-explanitory emails, then you need to hand in your intarweb card STAT.

 

[RossMAN]

Originally posted by: alkemyst

Originally posted by: RossMAN
Whenever I receive an email from Paypal/eBay/CitiBank/etc whether it's real or not I NEVER click the link.

I always manually go to www.paypal.com

Exactly...whenever you get any email from a site you are doing business with, skip the links and go to them then login.

If they have a message for you, you will get it at login.

Some CitiBank ones are very well done and designed to attack those who have english as a second language.

Exactly!

It's funny whenever Paypal sends an email to an account which I have NEVER registered with them. Sad but people fall victim to these scams every minute of every day.

 

[Gillbot]

Originally posted by: RossMAN
I always manually go to www.paypal.com

 

[conehead433]

You can help Paypal by alerting them to these phishing attempts. Click forward and send to spoof @ paypal.com. They usually are able to have the website disabled almost immediately.

 

[Biggerhammer]

Originally posted by: oldsmoboat
Totally n00bular.

Thanks.

I posted this because it was one of the better efforts I've seen. Note that I didn't say "I just clicked here and gave them my credit card."

 

[NiKeFiDO]

uh, if the url isnt something.paypal.com, its fake.
duh?

 

[cavemanmoron]

Originally posted by: Biggerhammer
I just got this reasonably sophisticated scam attempt:

Dear PayPal member,

This email confirms that you have paid LUXURYWATCHESINC
(sales@luxurywatchesinc.com) $190.85 USD using PayPal.

(etc)

followed by a nice little link saying:

If you haven't authorized this charge, click the link below
to cancel the payment and get a full refund.

Dispute Transaction

That handy link leads to zj254.internetdsl.tpnet.pl

The English was excellent. The return address was effectively spoofed. The fonts and styles were right on. The only real red flag was that it did not use my name (just Dear PayPal member). This isn't just another script kiddie.

Be careful out there.

Thanks for the heads up

 

[AnyMal]

The dead giveaways is "Dear PayPal member"

PP will NEVER and I mean NEVER address your email to anyone/anything other then your full name.

 

[thirdlegstump]

Paypal needs to stop these scammers.