Email Scam: PayPal Phishing Examples

Paypal Phishing

This is an received about is a scam and why not try to contact these people or log onto these sites and enter your data because you risk being .

 

Letter 1:

Dear PayPal Customer,

During your regular scheduled accounts maintenance verification procedure, We have detected a slight error regarding your PayPal This might be due to Unauthorization access to your PayPal Account…Please verify your information by Downloading the Attachment file and open in a browser to Continue.

NOTE: At PayPal, your protection is our top priority and We’re committed to keeping your PayPal accounts safe from unauthorized access.

IMPORTANT: *If your PayPal information is not verified within 48 hours then your ability you access your PayPal account will be restricted.

Very sincerely,
PayPal Department

Copyright © 2015 PayPal, Inc. All rights reserved. PayPal is located at
2211 N. First St.,
San Jose, CA 95131.

Please do not reply to this email because we are not monitoring this inbox. To get in touch with us, log in to your account and click ‘Contact Us’ at the bottom of any page.

Phishing analysis :

Extract was removed from pastebin…

Email analysis :

NOTE : service@paypal.name
NOTE : X-Mailer-Sent-By : 1
NOTE : X-Mailer-Sid : 10
NOTE : Return-Path : bounce@anatrez.com
NOTE : X-Remote : 188.138.65.69 (static-ip-188-138-65-69.inaddr.ip-pool.com)
NOTE : Mime-Version : 1.0
NOTE : Content-Disposition : inline
NOTE : Content-Transfer-Encoding : 8bit
NOTE : Message-Id : < *@anatrez.com >
NOTE : Received : from static-ip-188-138-65-69.inaddr.ip-pool.com (HELO anatrez.com) (188.138.65.69)
NOTE : Important: We noticed unusual activity in your PayPal account (Ref #PP-003-627-576-424)

Letter 2:

PayPal™

Temporary Limited Account!


We need your help


 

Your billing information is either incomplete or out of date.As a result we have temporary limited your account until you update your billing information. Please click here to update and activate your account.. Thank you for being a PayPal customer.

Account – Help – Fees – – Apps – Shop

Please do not reply to this email. We are unable to respond to inquiries sent to this address. For immediate answers to your questions, visit our Help Center by clicking “Help” located on any PayPal page or email. Copyright © 2014 PayPal, Inc. All rights reserved. PayPal is located at 2211 N. First St., San Jose, CA 95131.

Phising analysis :

CLICK : “click here”
OPEN : http://urnsosuifc5.esy.es/ansfo/login.php
REDIRECT : urnsosuifc5.esy.es/ansfo/index.php?cmd=_login-submit&dispatch=
SCREENSHOT :

PayPal Phishing
PayPal Phishing

esy.es whois :

Domain Name: esy.es
Registrant: Hostinger International Limited
Registrar: MARCARIA.COM
Create Date: 2006-03-06

Name Server: ns1.main-hosting.com
Name Server: ns2.main-hosting.com
Name Server: ns3.main-hosting.com
Name Server: ns4.main-hosting.com

FraudsWatch
About FraudsWatch 1210 Articles

You’ve been defrauded? FraudsWatch.com tries to help as to denounce embezzlement, theft or if your identity has been compromised. I put at your disposal example, guide and guidance about fraud, scams and identity theft.

1 Comment

  1. I sent this below to Paypal but they don’t reply – Their claim that a genuine email from Paypal will contain your name is patently false – I can easily get a name and matching email address and send a fake link.
    Wonder what you think about this?
    ———————————————————————-

    Dear David Smith – here is your latest Paypal update

    Click here to log in.

    and here’s a nice Paypal picture that looks real:

    ————————————————————————–

    See how easy it is – your “What is phishing” page says:

    You’ll know that an email/SMS is not from PayPal when:

    The email/SMS uses a generic greeting like ‘Dear user’ or ‘Hello, PayPal member.’ We’ll always address you by your first and last name or the business name on your PayPal account.

    ——————————————–
    NOT TRUE – As illustrated above I can very easily send someone an email and use their real name – easy to find names and email addresses. I can put a hidden link to a fake look-alike login website and get your login details and then go on a spending spree. So what you are saying is simply not true.

    SO
    1. your guidance about trusting an email that addresses you by name from Paypal is patent nonsense and dangerous
    2. These “View your recent transactions emails” that you send out could easily be imitated and therefore fakes
    3. By including your link to log on to Paypal you are training your users to become victims of phishing
    4. The only way to avoid this is to remove the “Log In Now” and tell your users to log in to paypal in their usual way: “Simply head over to http://www.paypal.co.uk and log in to check out your recent activity.”

    I find it unbelievable that you do this – you are keeping all that money and actually effectively training your customers to fall for scams.

    If I was a victim of a paypal phishing attack I believe I would be able to sue Paypal for encouraging me (even training me through these notification emails) to fall for it…….

Leave a Reply

Your email address will not be published.


*