FRAUD?

[cj]

I received an e-mail last night from Paypal - the relevant bit is below.

We recently noticed an attempt to log in to your PayPal account from France, a foreign IP address and we have reason to believe that your account was used by a third party without your authorization.

If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. Therefore, if you are the rightful account holder, click on the link below to log into your account and follow the instructions.

https://www.paypal.com/cgi-bin/webscr?cmd=_login-run

If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.

We haven't been abroad, and the only online account we have is with Worldpay for our veg box. Are they the same company?

It says that "an attempt was made to log in" but also that "the account was used". Can it be used without my very unobvious password?

The link takes you to a page where I was asked to give our address, bank account and PIN numbers to cards I use. I always assumed that this was not standard procedure so called their USA office. They weren't open for business - have no idea of the time difference - but the recorded message said they never ask for personal or bank details and if you receive a message asking you to do this to send it to their fraud department. So I did.

Hubby has told the bank, I have also told the veg box people and checked our account online. No unexpected payments have occurred.

Am now having a complete paddy! Can someone tell me whether this is likely to be fake or am I making a mountain out of a molehill? Am considering keeping all money under the floorboards at home and paying for everything in cash.

[Vonny]

It's fake! I get this sort of thing a lot from various banks, most of which I don't even have an account with. My hubby has had similar emails to this Paypal one and just deletes them.

[cj]

Vonny, thanks. I've had ones from banks before but this one seemed more relevant to us somehow. I had a sleepless night over it last night!!

[englishangel]

This is a scam. No-one but no-one would ask for card PINs.

Someone did hack into 'my ebay' and made a nuisance of themselves asking for details of mobile phones, mainly in Oz for some reason, so I had to email and explain it wasn't me. But I don't think there was any money involved.

[Mid A 15]

I received an e-mail last night from Paypal - the relevant bit is below.

We recently noticed an attempt to log in to your PayPal account from France, a foreign IP address and we have reason to believe that your account was used by a third party without your authorization.

If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. Therefore, if you are the rightful account holder, click on the link below to log into your account and follow the instructions.


https://www.paypal.com/cgi-bin/webscr?cmd=_login-run


If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.

We haven't been abroad, and the only online account we have is with Worldpay for our veg box. Are they the same company?

It says that "an attempt was made to log in" but also that "the account was used". Can it be used without my very unobvious password?

The link takes you to a page where I was asked to give our address, bank account and PIN numbers to cards I use. I always assumed that this was not standard procedure so called their USA office. They weren't open for business - have no idea of the time difference - but the recorded message said they never ask for personal or bank details and if you receive a message asking you to do this to send it to their fraud department. So I did.

Hubby has told the bank, I have also told the veg box people and checked our account online. No unexpected payments have occurred.

Am now having a complete paddy! Can someone tell me whether this is likely to be fake or am I making a mountain out of a molehill? Am considering keeping all money under the floorboards at home and paying for everything in cash.

This reads like a variation of the "phising" scam to me.

Normally you get an e mail purporting to be from your bank asking you to confirm details. You know it's a scam when banks you've never dealt with e mail you!

They are possibly trying the same sort of exercise with paypal. I'll check with my daughter but I think she received something similar a year or so ago. I think she ignored it but like you took the precaution of informing her bank etc.

Here's a little bit on how it works. I'm NOT recommending the company.

http://lenglover.blogspot.com/2006/07/phising.html

[cj]

No-one but no-one would ask for card PINs.

That's what made me immediately suspicious. It's completely irrelevant for online transactions. I feel a bit daft, but I got really worried!

[sejintenej]

A pretty general rule is that IF such a message is received NEVER EVER click on the link supplied. It probably connectys to a quite different website which will appear to be that of your bank etc but certainly is not.

If the email might relate to you use the web site address which the bank gave you or, better, ring your branch.

Catherine: in your case you clicked the link and even though you didn't answer any questions they now know your connection address, a lot of other info and they realise that you could be interested in Paypal as a customer so it is very possible that they will contact you again.

The chances of their wasting time on your PC are slight but be prepared. Go into Internet Explorer or whatever browser you use and clear the cache, saved form information and passwords so that the last passwords and links you used are gone. Then ensure that your firewall is as good as you can get it just in case they try to break into your PC.

Just be doubly suspicious of such contacts. Even if Paypal themselves do try to contact you they will understand if you treat their message as phishing.

[cj]

Catherine: in your case you clicked the link and even though you didn't answer any questions they now know your connection address, a lot of other info and they realise that you could be interested in Paypal as a customer so it is very possible that they will contact you again.

Thanks for all the advice. What sort of information can they get by me clicking the link but not giving specific details?

[cj]

http://www.youtube.com/watch?v=aE2eDfIHT-U&NR=1

Nothing is ever quite what it seems - bear wiith it to the end!

[J.R.]

I received an e-mail last night from Paypal - the relevant bit is below.

We recently noticed an attempt to log in to your PayPal account from France, a foreign IP address and we have reason to believe that your account was used by a third party without your authorization.

If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. Therefore, if you are the rightful account holder, click on the link below to log into your account and follow the instructions.

https://www.paypal.com/cgi-bin/webscr?cmd=_login-run

If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.

We haven't been abroad, and the only online account we have is with Worldpay for our veg box. Are they the same company?

It says that "an attempt was made to log in" but also that "the account was used". Can it be used without my very unobvious password?

The link takes you to a page where I was asked to give our address, bank account and PIN numbers to cards I use. I always assumed that this was not standard procedure so called their USA office. They weren't open for business - have no idea of the time difference - but the recorded message said they never ask for personal or bank details and if you receive a message asking you to do this to send it to their fraud department. So I did.

Hubby has told the bank, I have also told the veg box people and checked our account online. No unexpected payments have occurred.

Am now having a complete paddy! Can someone tell me whether this is likely to be fake or am I making a mountain out of a molehill? Am considering keeping all money under the floorboards at home and paying for everything in cash.

This reads like a variation of the "phising" scam to me.

Normally you get an e mail purporting to be from your bank asking you to confirm details. You know it's a scam when banks you've never dealt with e mail you!

They are possibly trying the same sort of exercise with paypal. I'll check with my daughter but I think she received something similar a year or so ago. I think she ignored it but like you took the precaution of informing her bank etc.

Here's a little bit on how it works. I'm NOT recommending the company.

http://lenglover.blogspot.com/2006/07/phising.html

On the latest updates we got on Internet explorer, we can and do run a continual phising screen.

Any e-mails purporting to come from banks, we report and send a copy to their head-office.

The one thing you must watch out for at the moment, is if you use a wireless computer router at home. If you are on line, it IS possible for people sitting outside your home in a car, using a lap-top, to read details from your computer and obtain pass-words and bank details !

[jtaylor]

You'll often find a link which looks innocent, but actually isn't - the URL behind the link is different from the text displayed

e.g. click on this:- www.microsoft.com (this IS safe to click on!)

If you're worried that an email might be a genuine warning (i.e. from PayPal saying that your account might be compromised) then manually go to their web address, and login as usual. NEVER click on the link provided, as it could be similar to the above example.
Once you've then logged-on you should find any messages or warnings if there are any....

Julian

[cj]

Is there a national online fraud organisation that one can report these things to, other than getting in touch with the companies the messages are purported to be from? Or is it not worth it?

[Euterpe13]

I get dozens of these phishing mails a month - sometimes from banks with whom I dont even have an account - they go straight into the trash can. You can check origin of mail by clicking on "properties" of the message, which should bring up the tracking to original sender.

The legitimate Paypal site has a link to report these scam mails, and they ask you to forward them to Paypal - helps them to track down and block the offenders.

As Julian says, if in doubt , go manually via your browser to the bank's site and check information there. And remember that no legitimate bank, creditcard company or other financial institution will EVER ask you for your PIN - so dont ever give it !

[Happy]

I have spoken with Paypal a couple of times over this and nothing seems to come of it.

There is also an issue of telephone calls where they claim to be from somewhere like BT and then ask you to confirm your name and address before they will talk to you on some pretext.

BT actually do this which is what makes it hard. Usually, I just disconnect the call - if it is BT or someone you have dealings with, they will write to you anyway.

[Jude]

Catherine - please don't worry - as long as you never give out your card details or your pin you are safe. Phishing is the latest of a whole host of online attempts to hijack money from people. A list of ones received lately from a local pc (I am so tight I don't seem to get them! - er security wise!)
using banks names : with the following types of message
Barclays/ Lloyds/ Nationwide : your account is about to be suspended, if you do not wish this to happen please pay into this account ....
or you have missed a payment to us....

I got almost done years ago by Ebay International - I took a very strongly worded letter from me (well when else can I use all those words?) explaining that I had never purchased , sold, or even bid against anything in Ebay International and where to go... I have never heard from them since!