Paypal fraud attempt
Discussion
A word of warning to Paypal users. I had an email apparently from Paypal this morning advising me that a request for payment had been received from some Italian sounding bloke for 699 pounds, and on checking my Paypal account the request was there awaiting approval. The Paypal fraud line number in the email turned out to be the fraud itself! After a long and increasing fraught conversation with some woman I decided that this probably wasn't Paypal's number despite the payment request appearing in my Paypal account. Eventually I cancelled the invoice request via my Paypal account, cancelled my credit card pinned to my PP account, and changed my PP password.
The lesson is do not call the fraud line given in the apparent Paypal email if you get one. It's a clever scam and I nearly fell for it. The origin of the email was apparently Paypal and the links contained in it were to Paypal, not some gibberish address as is usually the case when you hover over them.
A bit of research suggests this is new and the real fraud is the fraud line number which puts you through to what you assume is the Paypal security centre.
The lesson is do not call the fraud line given in the apparent Paypal email if you get one. It's a clever scam and I nearly fell for it. The origin of the email was apparently Paypal and the links contained in it were to Paypal, not some gibberish address as is usually the case when you hover over them.
A bit of research suggests this is new and the real fraud is the fraud line number which puts you through to what you assume is the Paypal security centre.
motco said:
A word of warning to Paypal users. I had an email apparently from Paypal this morning advising me that a request for payment had been received from some Italian sounding bloke for 699 pounds, and on checking my Paypal account the request was there awaiting approval. The Paypal fraud line number in the email turned out to be the fraud itself! After a long and increasing fraught conversation with some woman I decided that this probably wasn't Paypal's number despite the payment request appearing in my Paypal account. Eventually I cancelled the invoice request via my Paypal account, cancelled my credit card pinned to my PP account, and changed my PP password.
The lesson is do not call the fraud line given in the apparent Paypal email if you get one. It's a clever scam and I nearly fell for it. The origin of the email was apparently Paypal and the links contained in it were to Paypal, not some gibberish address as is usually the case when you hover over them.
A bit of research suggests this is new and the real fraud is the fraud line number which puts you through to what you assume is the Paypal security centre.
What was the email address that it had come from? That is normally a good indicator as to whether it's genuineThe lesson is do not call the fraud line given in the apparent Paypal email if you get one. It's a clever scam and I nearly fell for it. The origin of the email was apparently Paypal and the links contained in it were to Paypal, not some gibberish address as is usually the case when you hover over them.
A bit of research suggests this is new and the real fraud is the fraud line number which puts you through to what you assume is the Paypal security centre.
The OH had this. She phoned PayPal via the number on their website, not the one on the email. They told her it was legit! Obviously what they meant was that it was a real invoice, which it was, even though the motives of the person sending it were fraudulent. Anyway, she knew she didn't owe anyone £600 so she ignored it.
Cyberprog said:
NikBartlett said:
Using 2 factor authentication would prevent this.
No it wouldn't.Always double check phone numbers in emails against the companies websites before ringing.
martinbiz said:
motco said:
A word of warning to Paypal users. I had an email apparently from Paypal this morning advising me that a request for payment had been received from some Italian sounding bloke for 699 pounds, and on checking my Paypal account the request was there awaiting approval. The Paypal fraud line number in the email turned out to be the fraud itself! After a long and increasing fraught conversation with some woman I decided that this probably wasn't Paypal's number despite the payment request appearing in my Paypal account. Eventually I cancelled the invoice request via my Paypal account, cancelled my credit card pinned to my PP account, and changed my PP password.
The lesson is do not call the fraud line given in the apparent Paypal email if you get one. It's a clever scam and I nearly fell for it. The origin of the email was apparently Paypal and the links contained in it were to Paypal, not some gibberish address as is usually the case when you hover over them.
A bit of research suggests this is new and the real fraud is the fraud line number which puts you through to what you assume is the Paypal security centre.
What was the email address that it had come from? That is normally a good indicator as to whether it's genuineThe lesson is do not call the fraud line given in the apparent Paypal email if you get one. It's a clever scam and I nearly fell for it. The origin of the email was apparently Paypal and the links contained in it were to Paypal, not some gibberish address as is usually the case when you hover over them.
A bit of research suggests this is new and the real fraud is the fraud line number which puts you through to what you assume is the Paypal security centre.
Paypal (the real one) had an invoice requesting payment. Knowing it was a fake you phone their fraud department using the number on the email that comes from Paypal (how would you know it didn't when the kosher website also showed it - there were no 'iffy' links, all were back to Paypal when hovered over. The person on the other end, whom you have no reason to doubt since you phoned them, not vice versa, tells you what to do to cancel the invoice. It had non sequiturs which began to rings alarm bells and I hung up and went back to the Paypal website and followed the none-too obvious route to cancel the request. The fraudster had raised another £699 invoice and another for thousands of $US. The purpose was obviously to cause panic which might well work with some. It was when the woman (strong nondescript foreign accent) began to get agitated the mask fell away. To reinforce the rejection I changed my Paypal password, removed the default credit card from Paypal, and cancelled the card.
My favourite was I received an email with TV licensing logos saying that my TV license has just expired, just click on this dodgy link and insert all your details to renew it.
I almost fell for it, but then I remembered… hang on, I didn’t even have a tv license. Or a TV! I just stream everything I need to watch… Netflix, Amazon Prime, YouTube etc etc
The latest scam I’ve received is some random stranger trying to start a conversation with me on WhatsApp. Their profile photo is someone I don’t recognise and the phone number is not in my contacts list but a number from south east Asia. Ignored and deleted.
Luckily I’m tight fisted, cynical and don’t talk to many people.
I almost fell for it, but then I remembered… hang on, I didn’t even have a tv license. Or a TV! I just stream everything I need to watch… Netflix, Amazon Prime, YouTube etc etc
The latest scam I’ve received is some random stranger trying to start a conversation with me on WhatsApp. Their profile photo is someone I don’t recognise and the phone number is not in my contacts list but a number from south east Asia. Ignored and deleted.
Luckily I’m tight fisted, cynical and don’t talk to many people.
Edited by Mr Miata on Wednesday 9th November 00:20
NikBartlett said:
If you set up 2 factor authentication to be a txt to your phone with a random 6 digit ID then the transaction cannot be completed without this 6 digit ID and surely will not be on your account.
You are entirely missing the point of the scam.They are essentially sending you a speculative invoice then tricking you into paying it.
Eg, I setup a fake company, sign up to paypal with the ability to send customers invoices. I send you an invoice, but in the email I attach to the invoice I don't say it is an invoice, I say its an email from paypal's fraud deparment saying we think this invoice is fraudulent.
The email does come directly from paypal, you check your account and there is a pending invoice so it looks completely legit, and the only person who has ever accessed your account is you, all the scammer needed was your email address and for you to be a paypal user.
So then you phone the number in the email, talk to scammer you believe to be paypal, at some point they convince you to click approve so they can trace where the money would be going or something along those lines, don't worry its already flagged your card won't be charged, so you say ok, anything to help paypal tracing these damn fraudsters and you end up paying it. Still no one accesses your account except you.
e-honda said:
NikBartlett said:
If you set up 2 factor authentication to be a txt to your phone with a random 6 digit ID then the transaction cannot be completed without this 6 digit ID and surely will not be on your account.
You are entirely missing the point of the scam.They are essentially sending you a speculative invoice then tricking you into paying it.
Eg, I setup a fake company, sign up to paypal with the ability to send customers invoices. I send you an invoice, but in the email I attach to the invoice I don't say it is an invoice, I say its an email from paypal's fraud deparment saying we think this invoice is fraudulent.
The email does come directly from paypal, you check your account and there is a pending invoice so it looks completely legit, and the only person who has ever accessed your account is you, all the scammer needed was your email address and for you to be a paypal user.
So then you phone the number in the email, talk to scammer you believe to be paypal, at some point they convince you to click approve so they can trace where the money would be going or something along those lines, don't worry its already flagged your card won't be charged, so you say ok, anything to help paypal tracing these damn fraudsters and you end up paying it. Still no one accesses your account except you.
TonyRPH said:
motco said:
service@paypal.co.uk
You need to look in the actual email headers - it's easy to change the visible email address, however I bet the address in the email headers is different, or the originating email server is not one of Paypal's servers (more than likely this).The IP address belongs to Paypal 173.0.84.228
motco said:
The person on the other end, whom you have no reason to doubt since you phoned them, not vice versa, tells you what to do to cancel the invoice. It had non sequiturs which began to rings alarm bells and I hung up and went back to the Paypal website and followed the none-too obvious route to cancel the request. The fraudster had raised another £699 invoice and another for thousands of $US. The purpose was obviously to cause panic which might well work with some. It was when the woman (strong nondescript foreign accent) began to get agitated the mask fell away. .
OP I'm a bit confused... The lady you spoke to on the phone - you think she was genuine a Paypal person, or the fraudster?Gassing Station | Speed, Plod & the Law | Top of Page | What's New | My Stuff