PayPal Scam

The PayPal scam involves scammers sending emails to Paypal customers and trying to get them to log into their account using a link in the email that actually takes them to a fake site imitating the Paypal site.

 When users enter their username and password, the scammers could then use this information to drain the user's account.

 The scammers often use stolen credit card details to register a fake domain name for a quick-hit scam.

 In a recent PayPal scam some customers received an email  saying they have a large payment waiting for them in their account. The site, deceptively named PayPai.com, was a convincing duplicate of the real thing - but according to Network Solutions, Paypai.com is registered to Birykov in South Ural,  Russia.

The message then offers up a link, urging the recipient to claim the funds. But the URL that is displayed for the unwitting victim uses a capital "i" (I), which looks just like a lowercase "L" (l), in many computer fonts.

So, when the victim clicks on that link, he or she is directed to a copycat Paypal scam login page that's really sitting on a British Web hosting service called "Easypost". If the victim does log in, the user name and password are sent to the scam artist. The email sent was similar to:

Mike Smith just sent you money with PayPal. Amount: $827.46 Click here to get you new account bonus! http://www.PayPaI.com/bonus Did you know you can earn money with the PayPal Refer-a-Friend program? Go to http://www.Pay-Pal.com/specialoffers for more details. To view your PayPal balance or other account information, log in at http://www.PayPaI.com/login

 A variation of the Paypal scam e-mail, titled "URGENT: PayPal Account Update" starts off by saying:

"Dear PayPal User, Today we had some trouble with one of our computer systems. While the trouble appears to be minor, we are not taking any chances. We decided to take the troubled system off-line and replace it with a new system. Unfortunately this caused us to lose some member data. Please follow the link below and log into your account to make sure your information is not affected. Account balances have not been affected."

It then says that: "If fees would normally apply, you will not pay anything for the next two incoming transfers you receive" because of the inconvenience of having to re-enter data.

The URL listed was https://www.paypal.com/cgi-bin/webscr/?cmd=_login-run. However, when clicked on, it directed the user to a supposed secure site, but with a URL starting with: http://www.paypalsys.com/ [no s after http]. Users were then asked to log in with their e-mail addresses and their passwords.

Another Paypal scam email to extract the information says:

 Dear Pay pal valued member,

  Due to concerns, for the safety and integrity of the pay pal account we have issued this warning message. It has come to our attention that your account information needs to be updated due to inactive members, frauds and spoof reports. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the online service.

 However, failure to update your records will result in account suspension. This notification expires on 48 hours. Once you have updated your account records your pay pal account service will not be interrupted and will continue as normal. Please follow the link below and login to your account and renew your account information.

 PAY PAL Link (which really takes you to a scam pay pal page!)

Sincerely,

Pay pal customer department!

The Paypal scams are becoming more sophisticated, and now sometimes arrive in the form of HTML e-mails complete with PayPal logos and type faces. They offer Web links to sites that even contain the little lock symbol of security. The Web site addresses are subtly different from PayPal.com, however.

What to do for the Paypal Scam 

 Remember, even if an e-mail or website has all the necessary credibility elements and is devoid of the normal warning signs, it can still be a phishing e-mail. Legitimate companies don't (or shouldn't!) ask for important information by e-mail. If you are unsure if an e-mail is legitimate or not, visit the company's website by typing it directly into your address bar (links can fool you) or call the company using a registered telephone number (not the one listed in the e-mail!) and ask them.

 Never give out personal information unless you are sure that it will be secure.

 If you think you have experienced PayPal fraud or received a PayPal scam via email (e.g. a fake email pretending to be from PayPal), forward the entire email to spoof@paypal.com, and delete it from your email account. If you come across a fake PayPal website, contact theircustomer service team.

Please follow these tips to keep your account secure:

Only enter your PayPal password on pages where the URL begins with https://www.paypal.com/. Even if the URL contains the word 'PayPal', it may not be a PayPal webpage.

These "spoof" websites try to imitate PayPal in order to obtain your PayPal password and access to your account. Spoof websites we encountered in the past have included: www.paypalnet.com, www.paypa1.com, and www.paypalsecure.com. 

Some spoof websites will send emails that pretend to come from PayPal to entice you to log in at the spoof URL. Be especially cautious of emails that direct you to a website asking for sensitive information such as your password, credit card, or bank account information. Remember, you can recognize a spoof email if it suggests that you log in to a URL that does not begin with exactly https://www.paypal.com/.