Paypal Scam????

[(RIP) Geriatric Germ]

Just had this Email, any comments please??? Looks dodgy



X-Apparently-To: [email protected] via 217.12.12.64; Tue, 01 Mar 2005 06:06:50 +0000
Authentication-Results: mta815.mail.ukl.yahoo.com
from=paypal.com; domainkeys=neutral (no sig)
X-Originating-IP: [128.123.3.4]
Return-Path: <[email protected]>
Received: from 128.123.3.4 (EHLO joebob.NMSU.Edu) (128.123.3.4)
by mta815.mail.ukl.yahoo.com with SMTP; Tue, 01 Mar 2005 06:06:50 +0000
Received: from joebob.NMSU.Edu (localhost [127.0.0.1])
by joebob.NMSU.Edu (8.12.10+Sun/8.12.0) with ESMTP id j2166mcB005129
for <[email protected]>; Mon, 28 Feb 2005 23:06:48 -0700 (MST)
Received: (from nobody@localhost)
by joebob.NMSU.Edu (8.12.10+Sun/8.12.9/Submit) id j2166mIu005128;
Mon, 28 Feb 2005 23:06:48 -0700 (MST)
Date: Mon, 28 Feb 2005 23:06:48 -0700 (MST)
Message-Id: <[email protected]>
To: [email protected]
Subject: Case ID Number: PP-332-182-001
From: "[email protected]" <[email protected]>
Reply-To: [email protected]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit

<HTML>
<font face="Verdana">
<A href="http://www.paypal.com/cgi-bin/webscr?cmd=_home">
<IMG src="http://images.paypal.com/en_US/i/logo/email_logo.gif" border=0 width="256" height="36"></A>
</font>
<P><FONT face=Verdana size="2">Dear <STRONG><SPAN style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Verdana">PayPal<SUP>®</SUP></SPAN> </STRONG>Member: <BR></FONT>
<font face="Verdana"><BR></font></P>
<P><FONT face=Verdana size=2><SPAN style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Verdana">
<br>
Recently, our Account Review Team identified some unusual activity in your <br>
account. In accordance with PayPal's User Agreement and to ensure that your <br>
account has not been compromised, access to your account was limited. Your <br>
account access will remain limited until this issue has been resolved. This <br>
is a fraud prevention measure meant to ensure that your account is not <br>
compromised. <br>
<br>
In order to secure your account and quickly restore full access, we may <br>
require some specific information from you for the following reason: <br>
<br>
We would like to ensure that your account was not accessed by an <br>
unauthorized third party. Because protecting the security of your account <br>
is our primary concern, we have limited access to sensitive PayPal account <br>
features. We understand that this may be an inconvenience but please <br>
understand that this temporary limitation is for your protection. <br>
<br>
Case ID Number: PP-332-182-001 <br>
<br>
We encourage you to log in and restore full access as soon as possible. <br>
Should access to your account remain limited for an extended period of <br>
time, it may result in further limitations on the use of your account.</font></tt><FONT face=Verdana size=2> </P>
<P>However, failure to restore your records will result in account suspension. <BR>Please update your records on or before <FONT color=red><STRONG>March 5, 2005</STRONG>.</FONT> <BR><BR>Once you have updated your account records, your <SPAN style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Verdana"><STRONG style="font-weight: 400">PayPal</STRONG></SPAN> session will not be <BR>interrupted and will continue as normal. </P>
<P>Please update your <strong style="font-weight: 400">
Paypal</strong> record: <BR><A href="http://202.29.80.159/.paypal/skmpp/" target=_self>https://www.paypal.com/cgi-bin/webscr?cmd=_login-run</A></P>
<P> </P>
</FONT><FONT face=Verdana>
<P align="left"><tt><font face="Verdana">Thank you for your prompt attention to this matter.
Please understand that <br>
this is a security measure meant to help protect you and your account. We <br>
apologize for any inconvenience. <br>
<br>
<br>
Sincerely, <br>
</font></tt></FONT><FONT face=Verdana size=2><FONT face=Verdana>
<SPAN style="COLOR: black; FONT-FAMILY: Verdana"><STRONG>PayPal<SUP>®</SUP></STRONG></SPAN></FONT>
Account Review Department<tt><font face="Verdana"><br>
<br>
<br>
<br>
PayPal Email ID PP181 <FONT face=Verdana size=2> <br>
</FONT>
</font></tt></FONT><FONT face=Verdana size=2><FONT face=Verdana size=2> </P>
<P>Accounts Management As outlined in our User Agreement, <SPAN style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Verdana">
<STRONG style="font-weight: 400">PayPal</STRONG></SPAN> will <BR>periodically send you information about site changes and enhancements. </P>
<P>Visit our Privacy Policy and User Agreement if you have any questions. <BR><A href="http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/ua/policy_privacy-outside">http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/ua/policy_privacy-outside</A></P>
<P> </P></FORM></FONT></FONT></BODY></HTML>
<DIV>









We would like to ensure that your account was not accessed by an
unauthorized third party. Because protecting the security of your account
is our primary concern, we have limited access to sensitive PayPal account
features. We understand that this may be an inconvenience but please
understand that this temporary limitation is for your protection.

Case ID Number: PP-332-182-001

We encourage you to log in and restore full access as soon as possible.
Should access to your account remain limited for an extended period of
time, it may result in further limitations on the use of your account.
However, failure to restore your records will result in account suspension.
Please update your records on or before March 5, 2005.

Once you have updated your account records, your PayPal session will not be
interrupted and will continue as normal.
Please update your Paypal record:
https://www.paypal.com/cgi-bin/webscr?cmd=_login-run [links to http://202.29.80.159/.paypal/skmpp/]

Thank you for your prompt attention to this matter. Please understand that
this is a security measure meant to help protect you and your account. We
apologize for any inconvenience.


Sincerely,
PayPal® Account Review Department

 

[Steve]

Just had this Email, any comments please??? Looks dodgy

ANY email that asks for account details is a scam. Enough said?

 

[Jezza]

Just had this Email, any comments please??? Looks dodgy

Please update your Paypal record:
https://www.paypal.com/cgi-bin/webscr?cmd=_login-run [links to http://202.29.80.159/.paypal/skmpp/]

Its a Scam, the clue is where the link actual hyper link really goes to, not the text that shows on the top.

So it looks like it goes to https://www.paypal.com/cgi-bin/webscr?cmd=_login-run
but by looking at the scouce code of the email it is actually going to http://202.29.80.159/.paypal/skmpp/

 

[(RIP) Geriatric Germ]

Thanx for the prompt replies
Me luddite, but the Links all seem to go to Paypal Web Site, I haven't actually opened the mail yet, as I previewed it using Mailwasher. I recently withdrew money from Paypal for sold Ebay items and money transferred to my bank account OK. So I don't really understand it but will just delete and ignore. Thanks again.

 

[Paul G (BHT)]

Also one to note, Paypal will always address you by name and not Sir, Madam, member etc

 

[Droopy Dick]

Forward the e-mail to PayPal.

They take these things very seriously and use legal means to track down the scammers.

 

[Clive795]

The headers on this mail show it coming from New Mexico State University !,
It appears to have been routed through the internal mail server then out through their SMTP server.

Its likely that the real sender has just exploited a security weakness at the University to send out thousands of these mails using their mail server.

Clive

 

[AndyT]

I get at least 5 or 6 of these a week and just bin them all. I had one last week from someone in the US Military of all places. I thought they were all out in Iraq??

AndyT

 

[longdog]

Any GENUINE PayPal e-mail ALWAYS addresses you by your first and second names. Any e-mail which adresses you by "Dear Member" or similar is a scam! PayPal ask you to forward ANY e-mails like this to [email protected]