Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Issue 121 - December 2011 - Page 10

Skype TopUp Payment PayPal Phishing Scam

Issue 121 Start Menu

Previous Article            Next Article

Outline
Email notifies the recipient that a Skype TopUp payment of 69.99 GBP has been made via his or her PayPal account.



Brief Analysis
The message is not a genuine PayPal transaction notification. It is a phishing scam designed to trick recipients into visiting a fake PayPal website and divulging their login and financial details to Internet criminals.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:






Last updated: 18th November 2011
First published: 18th November 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Confirm your TopUp !
You sent a payment of 69.99 GBP to Skype (TopUp@*******.com)
Thanks for using PayPal. To see all the transaction details, log in to your PayPal account.

It may take a few moments for this transaction to appear in your account.

________________________________________
Merchant
Skype
TopUp@*******.com
Instructions to merchant
You haven't entered any instructions.
Shipping address - Unconfirmed
United Kingdom Postage details
The seller hasnít provided any postage details yet.
Description Unit price Qty Amount
Online Number, 3 month subscription 69.99 GBP 1 69.99 GBP

Subtotal 69.99 GBP
Total 69.99 GBP

Issues with this transaction?
If you haven't authorized this charge, open a dispute at:
[Link removed] and get a full refund.

________________________________________

Skyp TopUp Phishing Scam




Detailed Analysis
This email, which masquerades as a transaction notification from online payment service PayPal, claims that a Skype TopUp payment of 69.99 GBP has been made via the recipient's PayPal account. According to the message, the recipient can open a dispute about the transaction and get a full refund by following a link included in the email.

However, the email is not a genuine PayPal message. The message is a phishing scam designed to trick people into handing over their personal and financial details to scammers. The recipient has not been charged 69.99 GBP for a Skype TopUp as claimed in the scam message. In fact, the supposed charge is simply the bait used to trick people into clicking the "refund" link.

The scammers bank on the fact that at least some recipients, panicked into believing that an unauthorized transaction has been made on their PayPal account, will follow the "refund" link in the mistaken believe that they can dispute the transaction and get their money back. Those who do follow the link will first be taken to a fake webpage designed to closely resemble the genuine PayPal website and asked to login with their PayPal username and password. Once they have logged on to the fake site, they will then be presented with the following "Refund Request - Identity Verification" form which asks them to provide their credit card number and a large amount of personal information:

PayPal refund scam form

Any information entered on the fake website can be collected by the scammers and used for credit card fraud and identity theft. Since they have also stolen the victim's login details via the fake login page, the scammers can also hijack his or her real PayPal account and conduct further fraudulent transactions.

Because it conducts its operations primarily online and via email, PayPal is an ongoing target for phishing scammers. Be cautious of any message purporting to be from PayPal that asks you to follow a link to supply personal or financial information. Always login to PayPal by entering the PayPal address into your web browser. PayPal has published information on its website that helps users identify phishing scams like this one.

Bookmark and Share

References
PayPal 'Verify to Resolve Account Limitations' Phishing Scam
Phishing Guide



Previous Article            Next Article

Issue 121 Start Menu

Pages in this month's issue:
  1. Bogus Warning - Scammers Asking for Baby Details to Claim Benefits in Your Children's Names
  2. False Claim - Cardiff City Football Club Refused to Donate Club Shirt for Fallen Soldier's Coffin
  3. Summer Chain Email - Blond Hair And Blood Shot Eyes
  4. Facebook Account Reported Phishing Scam
  5. Christmas Tree App Virus Hoax
  6. Sears Supports Reservist Employees Email Forward
  7. False Claim - Colour Photographs of Hitler Taken by American Life Photographer
  8. Budweiser Frogs Virus Hoax
  9. Phone Text Message Lottery Scams
  10. Skype TopUp Payment PayPal Phishing Scam
  11. Hoax - Mark Zuckerberg Blames Facebook Porn Attack on the Philippines
  12. 'DGTFX Virus' Email Account Phishing Scam
  13. Recent Facebook Porn Attack Highlights Dangers of Misleading 'Security' Warnings
  14. False - Send Christmas Cards for Recovering Soldiers to Queen Elizabeth Hospital
  15. Christmas Cards for Recovering American Soldiers
  16. Starbucks Coffee Free Gift Card Survey Scam
  17. Facebook 'Virus' Warning - 'Nobody can watch this for more than 15 seconds' Video
  18. Advance Fee Scam - British National Lottery Promo Programme
  19. Live Ants In The Brain Hoax
  20. Hoax - Albany Bread Poisoned by Staff
  21. PayPal 'Verify to Resolve Account Limitations' Phishing Scam
  22. Red Bull Car Adverts Money Laundering Scam
  23. Hoax - Facebook Shutting Down on March 15
  24. False Warning - Red Dot Inside a Red Square On Chocolate Bars Indicates That Product Contains A Pork Derivative
  25. IT Service Desk 'Scheduled Maintenance & Upgrade' Phishing Scam
  26. Abandoned Two Week Old Sydney Baby Prayer Request
  27. Protest Message - Prison Sentence for Spray Painting Poppy on Mosque
  28. Protest Message - Dog Named 'Parrot' Shot by Police
  29. Inaccurate Protest Message - Poundland and Bodyshop Banning Staff From Wearing Poppies
  30. Apple Store Account Phishing Scam