Fake Email from PayPal Cloned Sites

Do you enter your paypal emailid and passwords without looking at the URL in your browser? If you are kindly stop doing the same. Here is a very strong reason why I say this:

1. Today I received an email which you can very well see below.

2. It says that your pay pal account has been de-activated and kindly click to activate. When I click on the link it opened a page which looked like below.

3. I thank God that I am more of a net savy and I cared to Check the url of the website opened. It was not https://paypal.com but http://following.ns8-wistee.fr/www.paypal.com/cgi-bin/us/security/update-paypal/service-peyment/update/login.aspx/

4. I again thank God that I was able to see that before I entered my real email id’s. However I decided to proceed with the site, and I entered some random email id and password. You can see the that above.

5. After I entered my email Id and Password I can see the following screen which is exactly what you see at the paypal site.

6. Further this site took me to a page where it asked me to enter all my personal details including Credit Card details. The page was again a ditto of the original paypal page. However I somehow missed to take a screen shot of the same. When I went back to the site to take a screen shot, it showed me the page below.

7. The chaps are I suppose smart enough to recognise if the page is being loaded twice from the same IP Address, as they don’t want users to visit there site the second time. May be one of you can try the same URL from your home.

8. Finally Just be careful while you get any such email from any one.

Here are in short a few key points to check when you get such emails:

  • Always check from whom the email has been sent. In my case it was from PaypalSecurity <[email protected]>, which is obviously an invalid email id.
  • Next always check to whom has the mail been sent out to. In my case it was undisclosed-recipients , which means it has been sent to a mass of people with all email id’s in BCC. Paypal will never ever send out a mail to you with your email id in BCC.
  • Finally check for the URL in your browser. All pages from paypal are https , hence check for the same. Plus the opening page should be always https://paypal.com.
  • Also, never ever visit an e-commerce website through a link in your email etc. Always type the address in the address bar manually to be at a safer side.

Kindly spread the word before others get trapped in the loop. I have already reported this to the paypal authorities.

Play safe, its internet and your email id’s are just floating every where like your mobile numbers. 🙁

  • Yasser

    Yes, it’s true and I saw myself the fake email which Abhinav received. The site was an exact copy of the original paypal site and I won’t be surprised if it has already tricked a few people. I spend a lot of time on the net but I don’t exactly go about checking the urls and https certificates. Surely this mail has opened my eyes and I would be more careful in the future.

    Thanks!

  • Hehe i hope it helps some fool like yasser .. (with no disrespect to yasser ) 😛

    nice find !!

  • Yasser

    Stay hungry, stay foolish.

    As said by the great Steve Jobs! 😀

  • i got that e-mail over 5 times and was always detected as spam and as for paypal

    all my handling with it is only by typing the site url myself in the address bar i never clicked some donate link or anything like that

    but as yasser said . only newbies will fall for that .

  • Yes correctly said, all newbies will easily fall into this trap. No doubt about it.

  • God save the newbies!

  • You should always forward the fraud websites to [email protected]. They’re hardcore trying to go after the people that do this stuff.

  • Thanks for the info. I have forwarded the same to [email protected] also.

  • We should always check the url while entering sensitive data. I easily tricked all my friends with it.
    http://geniushackers.com/blog/2008/06/06/protect-yourself-from-fake-login-pages/

  • Thanks satish, you have a cool demo up thr 🙂

  • thanq 🙂

  • Sowmya

    thats an eye opener…thanks a lot for sharing the info 🙂

  • Barry Snyder

    Reading stuff like this makes me wonder why more people are aware of internet scams

  • I used to report phishing attempts to paypal at least 3 times per week. Now I use google’s hosted email for my domain and take advantage of the spam filtering within google. I must say since I moved to google’s hosted service I have not seen a phishing mail land in my inbox. Well worth it (free) http://www.google.com/a/help/intl/en/index.html

  • Yes you are quite true. I currently have close to 4 domains and for all I am using google apps, an excellent package of services for your website and they truly rocks.

    Anyways have you ever tried having your email service with Microsoft, even their services and package rocks and its for FREE. 🙂

    Anyways thanks for your comment

  • DG

    It’s grate, you were trapped on the same day, when Gmail announced their alliance with eBay and PayPal for anti-phishing.

    Also, the guys were smart but didn’t encrypted links, that’s why you have tracked earlier.

    Check out this post on my blog “Google AdWords account pry to scam

    Link: http://www.ditii.com/2008/06/20/google-adwords-account-pry-to-scam/

    DG…

  • Yaa got to know about the same…..I can just laugh over that….

    Anyways nice blog you have up there 🙂

  • Pingback: Paypal kullan?c?lar? i?in ?nemli bir uyar?! - Webmaster Forumu()

  • neeraj

    o_O
    that was really nice to put together …

    even god cannt save the newbies from these things

  • haha yaa very truly and rightly said. If you see the very first comment on this post, you will find Yasser there. Well he is my roomy and he is always so cautious about using his credit cards on net. He always fear that someone can just simply take his credit card credentials.

    I called him when I got this mail and showed him the PayPal login screen without telling him its a fake one. And I could see his reaction.

    The first thing he then said is “I am recalling the places I have used my credit card”.

    HEHE…so ofcourse with new bie getting this mail, it is certain they are trapped.

  • The site abhinavsingh.com is amazing site, respect, webmaster.

  • The abhinavsingh.com is good site.
    Good job, webmaster.

  • Bixawansing

    Hi,

    I have been reading this blog for some time now but never bothered to comment until today. Wanted to let you know that I am a fan and enjoy your work.

    Thanks

  • Andrew R

    Its really easy to send fake emails from websites such as http://fakesend.com

    Always make sure you look at the header of every email when opening emails you think are potentially spoofed, and when in doubt, just go straight to ebay.com or paypal.com

  • sandrar

    Hi! I was surfing and found your blog post… nice! I love your blog. 🙂 Cheers! Sandra. R.