I’ve been phished

Wow, you need to be really careful about phishing scams. I have got genuine Emails from Paypal that say, Resolution Center: Your account is limited.

And they have been genuine. I have gone into Paypal manually by NOT clicking on a link in the Email and had to update things. (And also, after getting into Paypal, I check the address again and also the title bar, plus the security certificate, as it is a secure connection using a link of the form https://www.paypal.com.) I believe the reason my account is limited is because I make Paypal payments sometimes from here in Kuwait, sometimes while directly connected to the Internet and sometimes via Anonymizer proxy, which makes it look like I am located in the United States. (If you didn’t know, a web site can see the IP address that your computer has and then look up who owns that address to see where you are.) So Paypal wonders how someone can make payments from different places so closely together.

I just got an Email saying the same thing, but it didn’t look quite right. So I looked at the message, and there were some typos and also the link in the Email (can I say again, never click links in Emails!).

So how did this Phishing Email get to me with such timing? Though it looks like the site is not working. The idea in these scams is to get you to go to a site that looks like Paypal so they can get your password etc. as you login thinking it is Paypal!

So, be paranoid!

The link in the bogus Email is in hexadecimal, to a website in India which doesn’t work now. Looking up the site’s IP address with a whois query gives:

person: Vijay Menezes
nic-hdl: VM14-AP
e-mail: vijaym@hathway.net
address: Trade World, B Wing, 10th Floor, Kamla Mills Compound,
address: Lower Parel,
address: Mumbai 400013
phone: +91 022 56623333
fax-no: +91 022 24933355
country: IN
changed: vijaym@hathway.net 20040419
mnt-by: MAINT-IN-HATHWAY
source: APNIC

I guess the ^$!*%# fellow who is doing this scam got caught? The link buried in the source of the scam Email is: which translates into: in decimal format. And fortunately the site doesn’t work anymore, you get:

Network Error (tcp_error)

A communication error occurred: “Operation timed out”
The Web Server may be down, too busy, or experiencing other problems preventing it from responding to requests. You may wish to try again at a later time.

For assistance, contact your network support team.
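
The hexadecimal link described above can be unmasked mechanically. The following is an added example, not part of the original post: it normalizes hexadecimal, octal, single-number and percent-encoded host forms to a dotted IP address (more forms than the one hexadecimal case in the post) and flags links that do not point at the expected PayPal host. The sample URLs, the documentation address 192.0.2.44 and all function names are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit, unquote

# Assumption: the only hosts this reader expects for a PayPal login page.
EXPECTED_HOSTS = {"paypal.com", "www.paypal.com"}
_NUM = re.compile(r"0x[0-9a-f]*|[0-9]+")

def _parse_part(part):
    """Parse one dotted component as legacy inet_aton() does."""
    if not _NUM.fullmatch(part):
        raise ValueError(part)
    if part.startswith("0x"):
        return int(part[2:] or "0", 16)          # hexadecimal
    base = 8 if len(part) > 1 and part[0] == "0" else 10
    return int(part, base)                       # leading zero means octal

def normalize_host(url):
    """Return (host, ip); ip is dotted-decimal if host is a numeric form, else None."""
    host = unquote(urlsplit(url).hostname or "").lower().rstrip(".")
    try:
        *head, last = [_parse_part(p) for p in host.split(".")]
    except ValueError:
        return host, None                        # an ordinary DNS name
    # Up to three leading parts are one byte each; the last fills the rest.
    if len(head) > 3 or any(n > 255 for n in head) or last >= 256 ** (4 - len(head)):
        return host, None
    value = last + sum(n << (8 * (3 - i)) for i, n in enumerate(head))
    return host, str(ipaddress.IPv4Address(value))

def check_link(url):
    """Flag a link whose real host is a raw IP or not an expected PayPal host."""
    host, ip = normalize_host(url)
    if ip is not None:
        return f"suspicious: host {host!r} is the raw IP address {ip}"
    if host not in EXPECTED_HOSTS:
        return f"suspicious: host {host!r} is not an expected PayPal host"
    return "ok"

# Constructed samples; paypay.com is the look-alike domain from the bogus From line.
SAMPLES = ["http://0xC0.0x00.0x02.0x2C/login", "http://3221226028/login",
           "http://%31%39%32%2E%30%2E%32%2E%34%34/login",
           "http://www.paypay.com/login", "https://www.paypal.com/"]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", check_link(url))
```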

Plus, the latest version of Firefox sees this as a reported web forgery giving this message.

[Image: Firefox Phishing Warning]

I haven’t tried it with MS Internet Explorer 7 yet to see what happens as there is a new anti-phishing feature in MS Internet Explorer 7. MS Internet Explorer 6 will just try to go to the page and in this case will not find it as it is not, fortunately, online anymore.

Below is the genuine Email from Paypal; note there are no links in the Email! See their important sentence in bold. (On the following Emails I’ve removed my personal information.)

From: service@intl.paypal.com
Subject: Notification of Limited Account Access
To: misterian

Dear misterian,

As part of our security measures, we regularly screen activity in the PayPal system. During a recent screening, we noticed an issue regarding your account.

Case ID Number:

For your protection, we have limited access to your account until additional security measures can be completed. We apologize for any inconvenience this may cause.

To review your account and some or all of the information that PayPal used to make its decision to limit your account access, please visit the Resolution Center. If, after reviewing your account information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking "Contact Us".

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

Sincerely,
PayPal Account Review Department


Copyright (c) 1999-2006 PayPal. All rights reserved.

PayPal Email ID XXXXXX

And here is the bogus one. I put the obvious spelling and grammar errors in bold text, and where the link was in bold and italics. Plus, as I say again, notice how the Paypal Email doesn’t have a link and this one does. Clearly this is a modified version of an actual message from Paypal.

From: PayPal service@paypay.com
Sent: Monday, March 05, 2007 2:08 AM
Subject: Resolution Center: Your account is limited.

PayPal is constantly working to ensure security by regularly screening
the accounts in our system. We recently reviewed your account, and we need
more information to help us provide you with secure service. Untill we can
collect this information, your access to sensitive account features will be
limited. We would like to restore your access as soon as possible, and we
apologize for the inconvenience.

This is done for your protection only you, the recipient of this email can
take the next step in the remove limitation process.

Why is my account access limited?

March. 04, 2007: We have reason to believe that your account was accessed by
a third party. Because protecting the security of your account is our primary
concern, we have limited access to sensitive PayPal account features.
We understand that this may be an inconvenience but please understand that
this temporary limitation is for your protection.

(Your case ID for this reason is PP-141-663-845.)

How can I restore my account access?

      Please visit the Resolution Center and complete the
      "Steps to Remove Limitations"

Completing all of the checklist items will automatically restore your
account access.

Thank you for using PayPal!
The PayPal Team

PROTECT YOUR PASSWORD

NEVER give your password to anyone, including PayPal employees. Protect
yourself against fraudulent websites by opening a new web browser (e.g.
Internet Explorer or Netscape) and typing in the PayPal URL every time
you log in to your account.

Please do not reply to this email. This mailbox is not monitored and
you will not receive a response. For assistance, log in to your PayPal
account and click the Help link located in the top right corner of any
PayPal page.

PayPal Email ID PP315

