Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 116 - July 2011 - Page 12

Paypal 'Strange IP from a Different Location' Phishing Scam

Issue 116 Start Menu

Previous Article            Next Article

Email purporting to be from Paypal, claims that the customer must verify account information because a "strange ip from a different location" attempted to login and account access has therefore been limited for security reasons.

Brief Analysis
The email is not from Paypal. In fact, the message is a phishing scam designed to trick PayPal customers into handing over account and credit card details to criminals.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 14th May 2011
First published: 14th May 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Subject: This is a service notification from PayPal regarding important ................ to your accounts or services.

[Paypal logo]

Please note: This is a service notification from PayPal regarding important to your accounts or services.
Dear Customer,

A strange ip from a different location was recently login into your PayPal account and we have decided to limitate your account on our ongoing effort to protect your account and our relationship, we monitor your account for possible fraudulent activity.

As a result, we require you to confirm and verify your account information By Clicking Here and completing the confirmation process.

If you spot a transaction you don't recognise call us immediately on [Removed] as soon as possible.

PayPal Fraud Prevention Department

Detailed Analysis

© Hickling

Paypal phishing Scam
This email, which claims to be from online payment service Paypal, warns the recipient that, due to suspected fraudulent activity, it is necessary to confirm and verify account information. According to the message, a "strange ip from a different location" recently attempted to login to the account and the "PayPal Fraud Prevention Department" has therefore decided to "limitate" the account as a precaution. The recipient is instructed to follow a link in the message in order to complete the account confirmation process.

However, the message is certainly not from Paypal and the claims that fraudulent activity has been detected on the recipient's account is untrue. In fact, the message is a phishing scam designed to trick unsuspecting Paypal users into divulging their Paypal account details to Internet criminals. Recipients who fall for the ruse and click the link in the message will be taken to a bogus website designed to mirror the appearance and functionality of a genuine Paypal web page. Once on the fake site, victims will be first asked to enter their Paypal email address and password in order to "log in". They will then be presented with a "verification" form that asks them to provide credit card numbers and other sensitive personal information, ostensibly as a means of confirming their identity and restoring full account access. Both the scam email and the bogus website include familiar Paypal logos and other elements designed to make them appear genuine.

All information entered on the bogus website - including the Paypal login credentials - will be collected by the scammers responsible for the phishing attack. Using this stolen personal information, these criminals can then access their victims' real PayPal accounts as well as make fraudulent use of their credit cards.

Largely because it is an online entity that regularly communicates with customers via email, Paypal has been continually targeted by phishing scammers over a number of years. Paypal will never send you an email asking you to follow a link and provide account details as a means of confirming your account. Paypal will never ask you to provide passwords or bank and credit card details via an email. Moreover, genuine Paypal emails will never use generic greetings such as "Dear Customer". Genuine Paypal emails will always address you by name. Paypal scam emails can often be identified by poor spelling, unusual grammar and calls for "urgent" action from recipients.

If you receive an email purporting to be from Paypal that you suspect may be fraudulent, do not follow any links in the message. Do not open any attachments that the email may contain. Always login to your Paypal account by typing the address in your browser's address bar rather than by following a link in an email.

Paypal has published information warning customers about such phishing scams on its website.

Bookmark and Share References
Phishing Scams - Anti-Phishing Information
Paypal New Message Phishing Scam
"Paypal - Your Guide to Phishing:

Previous Article            Next Article

Issue 116 Start Menu

Pages in this month's issue:
  1. Amazing Hand Paintings The Work of Artist Guido Daniele
  2. F-Secure 'Security Maintenance' Password Phishing Scam
  3. No Ordinary Bus - Robert Mugabe's Luxury Bus Protest Message
  4. Rugby World Cup Advance Fee Lottery Scam
  5. South African Giant Rats Risk Alert
  6. McDonald's 'Free Dinner Day' Malware Email
  7. Overblown Facebook Warning: Remove All Profile Pics With Kids
  8. Exhibit B-5 Viral Video - Girl Gets Hit By Car After Prank Goes Wrong
  9. Sheikh Zayed House Hoax
  10. Lightning Storm Meets Volcanic Eruption Photos
  11. Facebook Warning - Applications Sending Porno Messages in Your Name
  12. Paypal 'Strange IP from a Different Location' Phishing Scam
  13. Black Van Child Abduction Alert - Number Plate Ending With 03A
  14. 'New Way to Hack Your Face Book' Warning Message
  15. Western Union 'Too Many Login Attempts' Phishing Scam
  16. Domain Name Application Scam
  17. Direct TV Treatment of Joplin Tornado Victims Protest Message
  18. Diversity Visa Lottery Green Card Scam
  19. Becoming a Father or Mother Facebook Group Pedophile Warning Hoax
  20. Elephant 'Road Rage' in South Africa