Another Scam?

leffler02 · September 26, 2005, 3:13am

I got a relay call on Friday at my shop, this is where someone uses a
free internet service to make a phone call. The person asked if i
sold gold chains, they said they wanted to send them to a cousin in
West Africa. they asked me if I would over charge their credit card
for a laptop and send that as well, oh, and I was to overcharge their
credit card for shipping charges as well. After they gave me their
name, I hung up and promptly called the FBI. They said it was a
common thing… They gave me a website to report the incident. Keep
this is mind- it just goes to show that there is really no one
looking out for you.

Cindy Leffler
Manney B’s

judyh · November 24, 2005, 9:10am

I nearly got caught today with an ingenious pfishing scam. I got a
note in my inbox that $395 had been charged to my paypal account.
Since I hadn’t done any such thing, I paged down the email and found
a place to click to verify the charge. I clicked thru, and almost
immediately realized that the verification wasn’t quite
right. When I checked the link even though it said
paypal, it didn’t look right.

I then backed out, went directly to paypal and checked my account.
No charge in that amount had been made, it was a clever attempt to
get my

The worrisome part is that the page you click to looks exactly like
paypal. The tabs operate and take you to something that works just
like paypal. Beware.

Judy Hoch

donnawilson44 · November 25, 2005, 5:15am

ingenious pfishing scam. I got a note in my inbox that $395 had
been charged to my paypal account.

I get some phishing e-mail from “Paypal” almost every day. Usually
it says I have added an account to my address and that I should check
and update. I immediately forward that e-mail to spoof@paypal.com
and within an hour or so I have a reply that it wasn’t from them.
This happens so often that I forwary everything on to them.

Donna in VA

richard_hart2 · November 25, 2005, 5:48am

When I checked the link even though it said paypal,
it didn't look right.

There is a site you can google, and download a toolbar, called
spoofstick, and the toolbar tells you what website you are really on
in realtime. I have gotten many e-mails about my someone trying to
access my paypal account from another country that were frauds, and
my natural response was to want to click on the url.

I would like to say as a generality that e-bay and paypal do not
e-mail, but that is not true. They e-mailed me to call my bank and
confirm deposits to my account, and it was legitimate as they then
call me a verified account.

There is another program that you can google called cleancache 3.0
that you can download and run as a trial for 30 days. It removes
cookies, registry entries ect., I ran it and there were hundreds of
entries although I have 3 anti-spyware, virus protection, firewalls,
ect.

I have watched Call for Help pretty consistantly for the last 2
years, and it is a constant battle for us to keep up with the
technology to prevent attackes to our systems, if you are using
Windows.

Linux and Mac users do not have the problems the Windows platform
has, and if things continue the way they are, it might be necessary
to re-learn as that would be the safest way to be protected with the
least amount of effort.

General safety first:

Do not open attachments unless you know the Sender
do not use urls in e-mails, type Urls in the address page Yourself
download and use mozilla firefox Instead of internet explorer,
Firefox has less vulnerability to hacking
use a router, it is a hardware Firewall
if you use internet explorer, stay Current with Downloading
security patches from microsoft.

And if anyone out there is IT knowledgable, if there is something I
left out or am wrong about, please speak up.

And I learned the hard way, loss of being attacked and
having to have my systems reformatted with corruption and loss of

Go forth and Google, Richard Hart

jeranor · November 25, 2005, 5:48am

Judy,

I get one of those every couple of weeks or so. When you get one,
immediately forward it to "spoof@paypal.com". Paypal will send you a
reply telling you whether the email was legitimate or not. Go tp the
PayPal home page and click on “security tips” toward the bottom of
the column on the left where this and other security precautions are
listed.

Jerry in Kodiak

tam2819 · November 25, 2005, 5:48am

Judy,

Both PayPal and Ebay are ripe for Phishing.

Please be aware either one will only address you by name. When you
see what appears to be either PayPal and/or Ebay addressing you as
Dear PayPal subscriber, know immediately it is not legitimate.

At that point simply forward that specific message to either
spoof@paypal.com or spoof@ebay.com, whichever is applicable.

You will shortly receive an official message both thanking you and
advising you this indeed was not sent by them.

Remember, if you are not addresses by name, it is phony.

HTH
Terrie

Loren_S_Damewood1 · November 25, 2005, 6:00am

Judy,

I nearly got caught today with an ingenious pfishing scam. I got a
note in my inbox that $395 had been charged to my paypal account.

Never, ever, click on a link in a message like that. If it’s a valid
message from a company that you do business with, you can verify the
by going straight to their site the way you normally do,
or if it isn’t valid, make that determination directly from their
site, as well.

I get phishing messages all the time, usually purporting to be from
institutions with which I have no affiliation at all, but
occasionally claiming to be from PayPal or any of several others with
which I do business. Even if it looks like they’re legit, I don’t
click on them. Heck, even if they are legitimate, and I know they
are, I don’t click on them. I get payments via PayPal all the time,
and after a notice shows up, I go to my browser and navigate to their
site to see it, rather than click the link in the message, just out
of habit.

Loren

CeltCrafts · November 26, 2005, 8:34am

One of the first signs that an email is not from PayPal or Ebay is
that they don’t use your name in the greeting.

Legitimate email from both these places will use the name you gave
them when you originally registered in the email. They both also have
a page that helps you spot spoof email. If you go to their sites you
should be able to find that.

One idiot actually tried to tell me that there was suspicious
activity on my account on December 8, 2005. Hmmm, what’s wrong with
that picture?

Kerry
CeltCraft Beads & Jewelry

Teri · November 26, 2005, 8:37am

good advice and if you just roll your cursor to the live link (in
Outlook Express anyway) the address appears in the bottom left corner
and is never correct looks weird like payments.paypal.vk.com

its a phishing redirection and sometimes uses paypal in it’s adress
but if there were a true problem with paypal security they would call
you on the phone!

Trust me they called me within 30 minutes of some unusal activity on
my account. It was me but they do watch dog so feel a bit safer and
ignore the emails. I check my paypal account daily for transactions
anyway.

Teri
An American Cameo Artist
www.cameoartist.com

rockhead2u1 · November 26, 2005, 8:37am

It seems like I am always getting some of these scams. A lot of
letters from “people” in African countries. Is there some email
address we can forward them to. All I have been doing is to block the
message sender but they seem to have hundreds of email addresses
because some of the same people or some that have the same
advertisements come the next day or so.

Larry E. Whittington

Gerald · November 26, 2005, 8:37am

“When in doubt,… throw out”.

I know its an olde cliche. In these phishing worlds of internet
scams, I save myself much wasted time. Sometimes you just gotta use
your 10x power loupe and investigate further…Gerry Lewy!

Dale_Karen_Hostetter · November 26, 2005, 8:42am

Thanks Loren, I received the same type Paypal inquiry the day after
reading your post. Rather than opening it I forwarded it to Paypal
for authentication and they confirmed it to be a fraud. I recommend
to all, if you receive an inquiry from paypal requesting your
personal DO NOT open it. Forward it to spoof@paypal.com
for authentication.

Dale H. LACA

Ettagale · November 26, 2005, 8:42am

Regarding PayPal:

Be careful, be very careful. PayPal scams are incredibly deceptive
and aggressive. Hit the “report spam” button on all your PayPal email
and do your due diligence. Check your account directly by going to
the site on your own. I agree that this is one of the most difficult
scams around.

I once paid something on a PayPal account and ever since I have been
getting these phony messages. It’s quite frightening.

Ettagale Blauer
ettagale@aol.com

Gem_Wise · November 27, 2005, 8:47am

Ettagale,

We have a merchant account and we get all sorts of things
supposededly from Paypal saying our account has been hacked and a
new email address has been added. Gotta watch it.

Josh1 · November 28, 2005, 7:40am

Greetings all,

Email scams will always be with us because they work. They provide a
venue for a less than honest person to skim money from the
uneducated masses.

Here’s something we can all do to at least slow it down;

The Federal Trade Commission maintains an email address where
suspect scams can be sent. It is uce@ftc.gov and they require you to
copy the header, attach it to the email you are forwarding to them.
You will not receive a reply, but they will analyze and take action
where possible.

To copy a header in Outlook Express, click on the address bar at the
top of the offending email, click File, click Properties. A box
opens where you click Details. Right click the text and click Copy.
When you forward the email place your cursor at the top of the email
and click Paste, type UCE@FTC.GOV in the address, then click send.
You can cancel spellchecker if it pops up.

This seems a bit complicated, but you will get the hang of it in no
time, and it will give you a warm, fuzzy, feeling knowing you have
done something to squelch a thief.

In the case of the “Nigerian” scams you may notice that they are not
as savvy as some other common thieves. That is, they have no idea
how to ‘spoof’ an email address, so they use Yahoo, or Hot Mail, or
someone similar, quite often a foreign version is used.

If you will include in your forward to uce@ftc.gov the abuse address
for their mail server, ie., abuse@yahoo.com or abuse@hotmail.com,
the techs who man the mail servers will investigate and terminate
the offending user. You will get an email reply stating they have
done so in rather ambiguous terms.

I have achieved a slow down, then complete cessation of Nigerian
Scam mail. Perhaps they keep a black list of folks who fight back,
who knows.

Hope this helps…
Josh

Bad Art Gallery
http://www.badartgallery.com
josh@badartgallery.com

James_E_Good1 · November 28, 2005, 7:51am

For general “junk mail” forms of these scam emails, try the US FTC
at spam@uce.gov. If the email directs you to a foreign site (even
though it looks like an American company) try the US FBI site at
www.fbi.gov then look for a link to report fraud and/or spam. The FBI
will most likely suggest that you try the FTC (Federal Trade
Commission) web site at www.ftc.gov.

James Good

jbin1 · November 28, 2005, 8:04am

I once paid something on a PayPal account and ever since I have
been getting these phony messages. It's quite frightening

It has nothing to do with using PayPal everyone gets this kind of
spam there is even a name for it it is called Phishing. Paypal
virtually never sends you email other than receipts for
transactions, any other email that claims to be from PayPal is 99.9%
of the time likely to be bogus.

James Binnion
@James_Binnion
James Binnion Metal Arts

360-756-6550

Vera_Battemarco · November 29, 2005, 5:46am

The best thing to do when in doubt about any email received from
Paypal or Ebay is to forward to spoof@paypal.com or spoof@ebay.com.
They will let you know if it is a fake.

I have received phishing emails from financial intitutions I never
dealt with. Obviously, they were not legitimate. Never click on any
link. Just hit the forward button and send it to “spoof@_____”. Most
companies use this email address. You will help them improve their
safety measures too.

Vera Battemarco
www.verabattemarco.com

alberic · November 29, 2005, 6:11am

One note about “gotta update your account!” messages:

Most serious merchants, and paypal specifically, add your full name
into real emails. So instead of “dear paypal user” yours would read
"Dear [your name]".

Unless it really does have your full, correct name in it, it’s
bogus, every time. Even then, don’t EVER click on a link in an
email message, especially one related to money.

Real PayPal messages don’t even have any links to click. If it
says paypal, and has any link at all, it’s bogus.

If you want to check your account, go to your browser, and manually
type in the address you want to go to. Don’t use any of those
helpful ‘finish for you’ fields that show up in the address bar: they
can be spoofed if your computer is infected with viruses or spyware.
(But if it’s that infected, you’re pretty well toast anyway.
Anti-spyware and anti-virus softwaRe: use it early, use it often. (Or
just get a Mac.))

Regards,
Brian.

Mark_Johnson · November 30, 2005, 8:50am

Unless it really does have your full, correct name in it, it's
bogus, every time. Even then, don't *EVER* click on a link in an
email message, especially one related to money.

Wise words. Most of those links always seem to go to a.asp or.php
file which are script files. While designed to work with forms they
may also be able to sneak some code into your machine to get you
private

Mark