Tech Giants

Fake Email from PayPal Cloned Sites

Do you enter your paypal emailid and passwords without looking at the URL in your browser? If you are kindly stop doing the same. Here is a very strong reason why I say this:

1. Today I received an email which you can very well see below.

2. It says that your pay pal account has been de-activated and kindly click to activate. When I click on the link it opened a page which looked like below.

3. I thank God that I am more of a net savy and I cared to Check the url of the website opened. It was not https://paypal.com but http://following.ns8-wistee.fr/www.paypal.com/cgi-bin/us/security/update-paypal/service-peyment/update/login.aspx/

4. I again thank God that I was able to see that before I entered my real email id’s. However I decided to proceed with the site, and I entered some random email id and password. You can see the that above.

5. After I entered my email Id and Password I can see the following screen which is exactly what you see at the paypal site.

6. Further this site took me to a page where it asked me to enter all my personal details including Credit Card details. The page was again a ditto of the original paypal page. However I somehow missed to take a screen shot of the same. When I went back to the site to take a screen shot, it showed me the page below.

7. The chaps are I suppose smart enough to recognise if the page is being loaded twice from the same IP Address, as they don’t want users to visit there site the second time. May be one of you can try the same URL from your home.

8. Finally Just be careful while you get any such email from any one.

Here are in short a few key points to check when you get such emails:

  • Always check from whom the email has been sent. In my case it was from PaypalSecurity <[email protected]>, which is obviously an invalid email id.
  • Next always check to whom has the mail been sent out to. In my case it was undisclosed-recipients , which means it has been sent to a mass of people with all email id’s in BCC. Paypal will never ever send out a mail to you with your email id in BCC.
  • Finally check for the URL in your browser. All pages from paypal are https , hence check for the same. Plus the opening page should be always https://paypal.com.
  • Also, never ever visit an e-commerce website through a link in your email etc. Always type the address in the address bar manually to be at a safer side.

Kindly spread the word before others get trapped in the loop. I have already reported this to the paypal authorities.

Play safe, its internet and your email id’s are just floating every where like your mobile numbers. 🙁

25 thoughts on “Fake Email from PayPal Cloned Sites

  1. Yes, it’s true and I saw myself the fake email which Abhinav received. The site was an exact copy of the original paypal site and I won’t be surprised if it has already tricked a few people. I spend a lot of time on the net but I don’t exactly go about checking the urls and https certificates. Surely this mail has opened my eyes and I would be more careful in the future.

    Thanks!

  2. i got that e-mail over 5 times and was always detected as spam and as for paypal

    all my handling with it is only by typing the site url myself in the address bar i never clicked some donate link or anything like that

    but as yasser said . only newbies will fall for that .

  3. Yes you are quite true. I currently have close to 4 domains and for all I am using google apps, an excellent package of services for your website and they truly rocks.

    Anyways have you ever tried having your email service with Microsoft, even their services and package rocks and its for FREE. 🙂

    Anyways thanks for your comment

  4. haha yaa very truly and rightly said. If you see the very first comment on this post, you will find Yasser there. Well he is my roomy and he is always so cautious about using his credit cards on net. He always fear that someone can just simply take his credit card credentials.

    I called him when I got this mail and showed him the PayPal login screen without telling him its a fake one. And I could see his reaction.

    The first thing he then said is “I am recalling the places I have used my credit card”.

    HEHE…so ofcourse with new bie getting this mail, it is certain they are trapped.

  5. Hi,

    I have been reading this blog for some time now but never bothered to comment until today. Wanted to let you know that I am a fan and enjoy your work.

    Thanks

  6. Its really easy to send fake emails from websites such as http://fakesend.com

    Always make sure you look at the header of every email when opening emails you think are potentially spoofed, and when in doubt, just go straight to ebay.com or paypal.com

Leave a Reply