PayPal Users Beware!

Not a day goes by that I don’t receive at least five ‘scam emails’.

Typically, these are claims that I have won $x million in a Netherlands lottery, in which my name was drawn simply because I’m a user of ‘The World Wide Web’, or some of my favorites, a kind old woman on her deathbed in Belgium, with no heirs, has chosen me at random to inherit the fortune her late husband left behind.

Most of these scammers are easy to spot. They offer outrageous claims, and most include such grammatical mistakes that one can even easily decipher which part of the world the email originated from.

They all share one thing in common; they are rip-offs that prey on the not-so-computer savvy user. Regardless of the flavor of the scam, they normally all work about the same way. The offer a great deal of money in exchange for the victim paying a ‘fee’ to release the money, or make deposit in an off-shore account to prove identity, etc. Most give some poorly constructed excuse as to why the victim should not tell anyone about the ‘inheritance’, such as those which claim the sender’s life would be jeopardized if authorities, family members or lawyers knew they were giving away all this money.

However, as of late I have received several troubling scam emails. I say troubling because they appear authentic on the surface, and have initially fooled even myself.

The latest, an email appearing to be official correspondence from PayPal, in which I’m notified that my PayPal account has been ‘limited due to suspicious activity’. The email contains a link, with instructions to click it to restore account access.

The last thing I would ever do is click that link. Instead, I immediately logged into PayPal to verify that my account had been restricted. There was no sign whatsoever that any action such as that claimed in the email had been initiated on my account.

Next, I took closer look at the email, and checked out the header information that was sent with it. Aha! A quick look at the headers and it was quite clear that this email was spoofed. While the reply-to address had been set as paypal@service.com, an official PayPal email address, the headers provided the real originating ip address, which resolved to a location in Abu Dhabi.

Upon further inspection I determined the link contained in the email to point to a url that is blacklisted as a known spoofing site.

So, if you have received, or receive in the future, any emails along these parameters, take time to investigate. Don’t click any links in the email. If you are unsure, or suspect a possible scam, check the source first. Visit your account online or call your financial institution before following any instructions contained in a suspicious email.

A photo of the PayPal scam email follows:


Save pagePDF pageEmail pagePrint page

One Comment

  1. steve says:

    ha.. funny seems how i had a problem with my paypal account not so long ago and then afterwards my debit card was restricted because of fraudulent activity that came from the NETHERLANDS .haha i dont know as if the 2 had anything to do with each other but its a possibility.. i have northwest savings bank and they did a good job at detecting the fraud…

Leave a Comment