PayPal Phishing Scam

He has: 286 posts

Joined: Mar 2003

I had read about this one, but today the PayPal phishing scam hit my email box.

Got an email from account[at] Here is the text:

Dear PayPal Member,

Your account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your PayPal account and to ensure a safe PayPal experience. We require all flagged accounts to verify their information on file with us. To verify your Information at this time, please visit our secure server webform by clicking the hyperlink below

Click here to verify your Information

Thank you for using PayPal!

The PayPal Team

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.

To receive email notifications in plain text instead of HTML, update your preferences here.

Like a dope, I did click on that link and then entered my username and password. I was then brought to a screen that asked for my credit card number. Something clicked in one of my brain cells, and I thought: "Oh...Yes...The old PayPal scam I've been hearing about."

I shut the browser then re-opened it and returned to PayPal the legitimate way, and then changed my password.


I checked the header of the email and it read:

X-Originating-IP: []
Received: from nobody by

Went to that site, where I was informed:

You don't have permission to access /cgi-bin/ on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Ah, ha, ha, ha! Right! I mean, I wouldn't want to do anything illegal! Laughing out loud

teammatt3's picture

He has: 2,102 posts

Joined: Sep 2003

Quote: Something clicked in one of my brain cells, and I thought: "Oh...Yes...The old PayPal scam I've been hearing about."

If that click didn't happen, you can only imagine...:alien:

Smart move changing your password quickly!

He has: 28 posts

Joined: Nov 2003

Just remember that Paypal will always use your name in the email not "dear Payapl member".

Always check the link before clicking. It should always be Not http://123.456.89 or etc etc.

Jim Hoffman
The 11th Hour SEO

mairving's picture

They have: 2,256 posts

Joined: Feb 2001

Usually what I do is go to the site and type in:
Username: URKidding
Password: reportedtoebay

I used to forward the emails over to Ebay but they are so idiotic about it and tell me all about fraud and phishing and how to prevent it. All I am trying to do is to help them close some of these guys down.

Mark Irving
I have a mind like a steel trap; it is rusty and illegal in 47 states

He has: 38 posts

Joined: Sep 2004

I got the same message, twice, yet I ain't even registered with paypal, never will (no trust here). Bet ya some muppets get fooled though!

pmj7's picture

He has: 234 posts

Joined: Nov 2002

Make sure you update FireFox to 1.0.3 so you can see the actual URL when you visit. Earlier versions could read but are actually something else, they use international characters to make it look like


Touchup image processing applet
Pixel Development Web Design, Photography

He has: 388 posts

Joined: Apr 2005

i think this is one of the more clever scam emails emails

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.