I have a Paypal account and I buy a lot of stuff from eBay. My account is connected to my Yahoo email; it used to be with my office email but sometimes our firewall treats Paypal emails as spam.
Anyway, I checked my Yahoo account yesterday and there was a notice that I sent payment of 395.85USD to someone for buying an Omega Constellation Watch (must've been a fake watch that one ). Scrolling down the message there was an area which asked if this transaction is not authorized; I should click on the Problem Resolution Center. I clicked on it and the website appeared which definitely looked like Paypal. It asked me to log in; which I did. The next step was that it asked for my First Name, Last Name, Credit Card info, etc. This actually struck me as being strange. Since I had a Paypal account, logging in automatically tells the website who I am and what my personal details are.
What I did was immediately logged out. I then logged in again and changed my password and secret question (when you forget your password this one prompts you). Logged out again, then logged in and checked my history or activity. It showed that there was no purchase done on the said date (when I supposedly bought a watch). I forwarded the suspect email to: 'sp[email protected]' for them to clarify and investigate for me. I also checked with my credit card company and thankfully they said that there was no activity related to the case I described.
This morning I checked my Yahoo email and Paypal responded saying that they have verified the email to be a fake. The first point is that Paypal will never address you as "Dear Member or Dear Paypal Member". The second point is that there was a difference in the URL used by the fraud link. For those of you who use Paypal; please take some time off and read a little more on this. There's a "Contact Us" section, from there you can type "Fraud" in the search field. A topic saying "How do I differentiate between a fake and authentic email from Paypal" (or something like that).
Lastly, Paypal said that if I did fill out the information requested by the fraud URL; chances are my credit card info would have been obtained and who knows what can happen. I'm sending you a copy of the email I received. PLEASE TREAT THIS AS REFERENCE ONLY. DO NOT COPY OR CLICK ON ANY LINKS.
Cheers
Rob
------------------------------------------------------------------------
--------------------------------------------------------------------------
PayPal <[email protected]>" <[email protected]> Add to Address Book Add Mobile Alert
Subject:
Your payment has been sent to [email protected]
Date:
Tue, 10 Jan 2006 20:20:01 -0700
Dear PayPal Member,
This email confirms that you have paid OMEGAMOVE ([email protected]) $395.85 USD using PayPal.
This credit card transaction will appear on your bill as "PAYPAL OMEGAMOVE".
--------------------------------------------------------------------------------
PayPal Shopping Cart Contents
Item Name:
Omega Constellation Men Watch - mint
Quantity:
1
Total:
$380.85 USD
Cart Subtotal:
$380.85 USD
Sales Tax:
$15.00 USD
Cart Total:
$395.85 USD
--------------------------------------------------------------------------------
Shipping Information
Shipping Info:
James Dickinson
184 Hadley Dr.
Chicago, IL 60614
United States
Address Status:
Unconfirmed
--------------------------------------------------------------------------------
If you haven't authorized this charge, click the link below to cancel the payment and get a full refund.
Dispute Transaction
--------------------------------------------------------------------------------
Thank you for using PayPal!
The PayPal Team
First: check on which domain you are checked.
Most fraud email don't link to real sites.
However: you see good link for example http://www.paypal.com/authorize.html in email, but when you hover over the link, below your good email client you can see real link in status bar, for example http://paypal.proof.nu/auth/login.php or so. Or strange ipnumber http://12.31.78.2/paypal/auth.html.
(links are not real - just for example, no need to clicking!!!!)
Yes, don't look blindly on words on the email. Look always behind the emails: which real links are here used? Is there not extra words used, is grammar okay, and looks altijd first on official sites if there is indeed happens. If there is indeed such information available then you can look further. If there is warning about fake emails, trash the email immediately or forward to paypal site for examining fraud links.
Such strange links are not linked to www.paypal.com. That is why you must always check the real links where you going to.
And when the fraud email links real to www.paypal.com site, then is fraud email useless.
Full image fraud emails are almost fake. You can always trash them.
Similar thing happened to me with an Amazon spoof site. Of course, the email was in HTML and the link redirected me to another site that asked me to sign in and then give credit card details. It looked very convincing indeed. This was the first time I'd ever received such a thing and it nearly caught me off guard but luckily I realised at the last moment that it was illegal 'phishing' activity. I'm not sure who to report this to though, Amazon, or a more authorative body like the police? See the attached images for what the site/email looked like.
Regards,
Neil.
thanks for the info
PayPal Example
mrdummy - You had some great points.
I just came across an interesting example of a PayPal fraud email.
The email had this from header...
"From: [email protected] ([email protected]) "
If you look at the domain name... [email protected] "ACCOUNTS-PAYPAL.COM", you can see that it's not from paypal.com. That's the best way to determine whether or not it's spam email.
GMail does a great job of helping you determine this. This email wouldn't have even showed up in your spam box since GMail wouldn't have accepted it because it's claiming to be from "paypal.com" and it's actually from "accounts-paypal.com".
Other good email fraud tips.
GMail will also put a little key next to the sender's name if it is a legitamate email... atleast in PayPal's case.
Related
Has anyone else had this problem? I purchased Rom Manager on October 2nd 2010 via paypal. I had to reload all my programs and one of them was Rom Manager. I go in to put in my Transaction ID from my Paypal account and it tells me that there is no premium License for that Transaction ID. I emailed the developer to see what is going on but I have not heard anything back . Another monkey wrench is that I no longer have access to that email as it was hacked and I have no way of getting that email back. If Koush or someone needs the information that I have from my Paypal account I can gladly private message them.
I've got the same issue. I've emailed Koush (from the email address associated with the Paypal account with which I paid for the licence) several times and sent him a private twitter. I've had no contact from him at all.
Working now
hey peeps! I had this issue too but checked again today and its working mint Tapped the "Device ID" in settings and displayed "Licence Retrieved" like it used to.
Nice.
Teleflip.com and Beltic.com used to let you send a text message to a cell phone from email, without needing to know that domain of the wireless number. For example, you'd send an email MOD EDIT: REMOVED EMAILS and the service would automatically forward the message to the correct wireless domain. I'm well aware that there are tons of free sites that will tell me the domain, but I'm wondering if there are any sites/services still in existence that does the look up for me.
Thanks!
Moved
I recently ordered an S9+ from clove.co.uk the other day. I checked my email to see if I had gotten any shipping/tracking info and saw the following email:
Thank you again for your order.
Due to the nature of the goods we sell there are unfortunately many attempts to obtain goods fraudulently and we have been advised to request additional information from new customers. Please can you provide one of the options below.
A) If we are delivering to the registered card holder address you can email or fax a copy (photo, scan or pdf) of your passport or driving license. We understand that you may wish to conceal some information - that is fine and the document can be in any language.
OR
B) Please note that you will need to do this if we are NOT delivering to the registered card holder address. Please can you ensure that your card issuer has a record of the delivery address required and then provide us with your full card number (we only have access to the last 4 digits) and expiry date, so that we can call them to verify that shipment to the alternative address has been authorised by the registered card holder.
Your co-operation with this security procedure is appreciated and we look forward to hearing from you soon.
Please use the link below to read our delivery information page if you have not already done so. (If clicking on the link does not work, please copy and paste it into your web browser.
Seems silly they would ask for a DL or Passport with most the information obfuscated. I mean anyone could just use photoshop off Google. Plus I also have issues with sending this kind of info over unencrypted email (lol 'security'). I am just wondering if anyone else that has ordered from this site has received this email? I asked if they could reply back in encrypted fashion but I'm sure they'll give me some excuse why they can't.
Booyaah82 said:
I recently ordered an S9+ from clove.co.uk the other day. I checked my email to see if I had gotten any shipping/tracking info and saw the following email:
Thank you again for your order.
Due to the nature of the goods we sell there are unfortunately many attempts to obtain goods fraudulently and we have been advised to request additional information from new customers. Please can you provide one of the options below.
A) If we are delivering to the registered card holder address you can email or fax a copy (photo, scan or pdf) of your passport or driving license. We understand that you may wish to conceal some information - that is fine and the document can be in any language.
OR
B) Please note that you will need to do this if we are NOT delivering to the registered card holder address. Please can you ensure that your card issuer has a record of the delivery address required and then provide us with your full card number (we only have access to the last 4 digits) and expiry date, so that we can call them to verify that shipment to the alternative address has been authorised by the registered card holder.
Your co-operation with this security procedure is appreciated and we look forward to hearing from you soon.
Please use the link below to read our delivery information page if you have not already done so. (If clicking on the link does not work, please copy and paste it into your web browser.
Seems silly they would ask for a DL or Passport with most the information obfuscated. I mean anyone could just use photoshop off Google. Plus I also have issues with sending this kind of info over unencrypted email (lol 'security'). I am just wondering if anyone else that has ordered from this site has received this email?
Click to expand...
Click to collapse
Have you checked header of the email?
Sent from my SM-N950F using Tapatalk
uigiflip said:
Have you checked header of the email?
Sent from my SM-N950F using Tapatalk
Click to expand...
Click to collapse
Yes I found this, still not sure if legit but the IP does resolve to the UK:
Received: from clove.co.uk (78.137.118.108.srvlist.ukfast.net [78.137.118.108])
by smtp.mclhosting.com (Postfix) with ESMTP id 7AE6628A05
X-Sender-IP: 84.45.99.231
X-SID-PRA: [email protected]
Booyaah82 said:
Yes I found this, still not sure if legit but the IP does resolve to the UK:
Received: from clove.co.uk (78.137.118.108.srvlist.ukfast.net [78.137.118.108])
by smtp.mclhosting.com (Postfix) with ESMTP id 7AE6628A05
Click to expand...
Click to collapse
Could be legit but if you dont like giving out personal documents maybe buy else where
Sent from my SM-N950F using Tapatalk
OK, i have a problem with my email provider and i change it.
So i bought player directly from player's home page.
I communicate with support in facebook from 10th this month, send a email to [email protected]
to change email address in license and no answer yet.
Here is the last place where i write for this. If player supported team do not help me i will use cracked version and will not paid for nothing else. This is a scandal!
kiotobg said:
OK, i have a problem with my email provider and i change it.
So i bought player directly from player's home page.
I communicate with support in facebook from 10th this month, send a email to [email protected]
to change email address in license and no answer yet.
Here is the last place where i write for this. If player supported team do not help me i will use cracked version and will not paid for nothing else. This is a scandal!
Click to expand...
Click to collapse
Hi,
We have requested you to send a request mail to [email protected]. Unfortunately, you have sent the mail to [email protected]. Even though it's not allowed to change the email account (in fact it's not possible in google play licenses), we have considered your case as special, and changed the licensed email account & replied back to you on facebook before few days. Kindly check your messages.
Is Sambd.org a reliable business?
Last Saturday I've payed by iDeal an amount of 4 euro to be able to download drivers quickly.
I thought this was a one-time-payment.
But this morning I received an e-mail from Sambd.org with the text:
"Your access to the premium membership will expire: 14.06.2020
Subscription will continue automatically.
You can unsubscribe in the profile settings."
But in the profile settings is no possibility to unsubscribe.
Sambd does not reply on e-mails.
I don't trust this.
How can I cancel the recurring payment via iDeal and block Sambd.org for future payments?
Thank you for help.
sellh1 said:
Is Sambd.org a reliable business?
Last Saturday I've payed by iDeal an amount of 4 euro to be able to download drivers quickly.
I thought this was a one-time-payment.
But this morning I received an e-mail from Sambd.org with the text:
"Your access to the premium membership will expire: 14.06.2020
Subscription will continue automatically.
You can unsubscribe in the profile settings."
But in the profile settings is no possibility to unsubscribe.
Sambd does not reply on e-mails.
I don't trust this.
How can I cancel the recurring payment via iDeal and block Sambd.org for future payments?
Thank you for help.
Click to expand...
Click to collapse
Here's what is written on the website:
If you have any questions or difficulties related to accessing the site or using a premium account, please contact us via e-mail:
[email protected]
You should not enter your credit card info on a website you don't trust. Scammer often use Credit Card as payment because it's not refundable (as well as bitcoins and Western Union). When you pay on internet use services like PayPal that has a clear policy on when to get a refund. IDK if this website is trustworthy, but I hope for you.