PayPal Notification Scam

by on 07/02/2010 in Scams & Hoaxes, Security

PayPal Notification ScamA large number of spam emails are currently prompting their recipients to restore their alleged PayPal account by clicking on a link in the email. The included link appears to lead to an infected website that the perpetrators may have injected with all sorts of malicious content, for example pharmacy advertisements, malicious JavaScript code, or both.

These emails aren’t from PayPal and you should delete them immediately. PayPal will never ask you for personal information by way of email.

Example Email

From: PayPal <maintenance@cmd-web-pp.com>
Subject: Notification ID: NNTIJKOVHR
To:

As part of our security measures, we regularly screen activity in the system.
We recently contacted you after noticing an issue on your account.
We requested information from you for the following reason:

- We have observed activity in this account that is unusual or potentially high risk.

Please download the form attached to this email and open it in a web browser.
Once opened, you will be provided with steps to restore your account access.
We appreciate your understanding as we work to ensure account safety.

Sincerely,
Account Review Department

If this was an email from PayPal, it would come from @paypal.com and not from maintenance@cmd-web-pp.com.

You should always check your PayPal account for any messages that require action from PayPal and not from an email notification. The only email you will receive from PayPal is receipts from a purchase or payment.

3 Responses to “PayPal Notification Scam”

  1. Vipin @ Romantic SMS

    Jul 3rd, 2010

    i also got some of the mails from fake users. But one thing i would like to say here is these guys are so clever. I mean i know that these are fake mails and don’t click on the link but think about a normal user who is not techy as we are, can be fooled by these mails and in turn can be a huge damage.

  2. shabana

    Jul 5th, 2010

    well yet another type of scam and now it is on the name of pay-pal. i had received many email id spam asking me to provide my username , passwords and more information on my yahoo account , its the same they ask for information regarding your account or they have links mailed into your inbox which when clicked sends your detailed email information as a cookie file from your computer to his website (server), it IS THEREFORE HIGHLY RECOMMENDED NOT TO CLICK ANY UNKNOWN URL IN YOUR INBOX.

  3. Andrew @ Blogging Guide

    Jul 5th, 2010

    I agree with you Vipin, there are some people that are not techy or just first-time users of the internet, they’re the most vulnerable to these kinds of attacks. I guess what we can do is to help spread this information as fast as possible and every possible way we can so they can be warned.