［Paypal新手看过来］假Paypal邮件盗窃paypal账号密码

[西西妈]

本妈最近开通了自己的paypal账户，今天早上收到一封邮件，如下：

You sent a paymentTransaction ID: 281138078J760221L
Dear（注意，没有姓名称呼）,

You sent a payment for 251.05 Canadian Dollar (CAD)to Evolution RC Ltd.

Please note that it may take a little while for this payment to appear in the Recent Activity list on your Account Overview.

If you want to cancel the operation click here follow the instructions, including credit card and other information.

Amount:£251.00 GBP
Sent on:28 November 2013
Yours sincerely,
PayPal

Help Centre | Resolution Centre | Safety Advice

Please do not reply to this email because we are not monitoring this inbox. To get in touch with us, log in to your account and click "Contact Us" at the bottom of any page.

Copyright © 2013 PayPal. All rights reserved.

PayPal (Europe) S.Ã r.l. et Cie, S.C.A.
Société en Commandite par Actions
Registered office: 22-24 Boulevard Royal, L-2449 Luxemburg
RCS Luxemburg B 118 349

PayPal Email ID PP118

 

[西西妈]

是时老娘正跟俺说话，脑袋里面嗡！老娘说啥也没听见，问完等老妈重复了赶紧上Paypal网站查看付款记录，－－－木有新动向。立马点去paypal网页的
浏览附件407023

阅读完毕后按照以下步骤转发该email给paypal

Phishing is an illegal attempt to "fish" for your private, sensitive information. If you believe you've received a phishing email, follow these steps:

1. Forward the entire email to spoof@paypal.com.
2. Do not alter the subject line or forward the message as an attachment.
3. Delete the suspicious email from your email account.

邮件发出后一分钟内收到paypal确认邮件如下：

Dear 西西妈,

Thank you for being a proactive contributor by reporting
suspicious-looking emails to PayPal’s Abuse Department. Our security
team is working to identify if the email you forwarded to us is a
malicious email.

Paypal Will Always:

• Address our customers by their first and last name or business name of
their PayPal account

Paypal Will Never:

• Send an email to: “Undisclosed Recipients” or more than one email
address
• Ask you to download a form or file to resolve an issue
• Ask in an email to verify an account using Personal Information such
as Name, Date of Birth, Driver’s License, or Address
• Ask in an email to verify an account using Bank Account Information
such as Bank Name, Routing Number, or Bank Account PIN Number
• Ask in an email to verify an account using Credit Card Information
such as Credit Card Number or Type, Expiration Date, ATM PIN Number, or
CVV2 Security Code
• Ask for your full credit card number without displaying the type of
card and the last two digits
• Ask you for your full bank account number without displaying your bank
name, type of account (Checking/Savings) and the last two digits
• Ask you for your security question answers without displaying each
security question you created
• Ask you to ship an item, pay a shipping fee, send a Western Union
Money Transfer, or provide a tracking number before the payment received
is available in your transaction history

READ!

Any time you receive an email about changes to your PayPal account, the
safest way to confirm the email’s validity is to log in to your PayPal
account where any of the activity reported in the email will be
available to view. DO NOT USE THE LINKS IN THE EMAIL RECEIVED TO VISIT
THE PAYPAL WEBSITE. Instead, enter www.paypal.com into your browser to
log in to your account.

What is a phishing email?

You may have received an email falsely claiming to be from PayPal or
another known entity. This is called "phishing" because the sender is
"fishing" for your personal data. The goal is to trick you into clicking
through to a fake or "spoofed" website, or into calling a bogus customer
service number where they can collect and steal your sensitive personal
or financial information.

We will carefully review the content reported to us to certify that the
content is legitimate. We will contact you if we need any additional
information for investigating the matter. Please take note to the
security tips provided above as they may help to answer any questions
that you may have about the email you are reporting to us.

Help! I responded to a phishing email!

If you have responded to a phishing email and provided any personal
information, or if you think someone has used your account without
permission, you should immediately change your password and security
questions.

You should also report it to PayPal immediately and we'll help protect
you as much as possible.
1. Open a new browser and type in www.paypal.com.
2. Log in to your PayPal account.
3. Click "Security and Protection" near the top of the page.
4. Click "Identify a problem."
5. Click "I think someone may be using my account without
permission."
6. Click "Unauthorized Account Activity."

Thank you for your help making a difference.

Every email counts. By forwarding a suspicious-looking email to
spoof@paypal.com, you have helped keep yourself and others safe from
identity theft.

Thanks,
The PayPal Team

***********************************************************************

Please do not reply to this email. If you need to follow up, please
follow the steps above to access your account and utilize the Contact Us
resources from our site.

***********************************************************************

 

[西西妈]

两分钟后收到paypal邮件如下：



Hello 西西妈,
Thanks for forwarding that suspicious-looking email. You're right - it
was a phishing attempt, and we're working on stopping the fraud. By
reporting the problem, you've made a difference!
Identity thieves try to trick you into revealing your password or other
personal information through phishing emails and fake websites. To learn
more about online safety, click "Security Center" on any PayPal webpage.
Every email counts. When you forward suspicious-looking emails to
spoof@paypal.com, you help keep yourself and others safe from identity
theft.
Your account security is very important to us, so we appreciate your
extra effort.
Thanks,
PayPal
This email is sent to you by the contracting entity to your User
Agreement, either PayPal Ince, PayPal Pte. Ltd or PayPal (Europe) S.à
r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:
5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118
349.


Original Message Follows: ------------------------



Sent from my iPhone

Begin forwarded message:


From: 西西妈@hotmail.com
Date: March ##, #### at #:##:## AM EDT
To: 西西妈@hotmail.com
Subject: PayPal Transaction ID: 281138078J760221L








You sent a payment
Transaction ID: 281138078J760221L
Dear,
You sent a payment for 251.05 Canadian Dollar (CAD)to Evolution RC Ltd.
Please note that it may take a little while for this payment to appear
in the Recent Activity list on your Account Overview.



If you want to cancel the operation click here follow the instructions,
including credit card and other information.


Amount:
£###.## GBP
Sent on:
## November ####
Yours sincerely,
PayPal


Help Centre | Resolution Centre | Safety Advice


Please do not reply to this email because we are not monitoring this
inbox. To get in touch with us, log in to your account and click
"Contact Us" at the bottom of any page.
Copyright © #### PayPal. All rights reserved.

PayPal (Europe) S.Ã r.l. et Cie, S.C.A.
Société en Commandite par Actions
Registered office: ##-## Boulevard Royal, L-#### Luxemburg
RCS Luxemburg B ### ###

PayPal Email ID PP###




至此回头看可疑邮件，发现发信人和收信人都是本妈自己的邮箱！

在此特告paypal新手，分享paypal惊魂。提醒大家警惕！

 

[raid]

wow ，吓人啊！！！！！！！！

 

[西西妈]

楼上两位咋这么快！想分几贴发都木位子了

 

[西西妈]

赶紧着， 换密码！

貌似是‘钓鱼’邮件，来钓我的密码的

 

[西西妈]

换个机器换密码

那么狠

 

[向问天]

那么狠

如果你没按照钓鱼信件输入你的密码， 应该没事。

 

[西西妈]

非也， 就是换个机器换密码， 这都不懂吗？

我是说，黑到我机器里来了吗

 

[西西妈]

我把邮箱密码换了一下。家里就一个电脑，咋整。

 

[西西妈]

把paypal密码换掉too

我赶脚他们没偷成啊，好吧，换掉！这年头，编密码都编白了头！

 

[heureux]

我赶脚他们没偷成啊，好吧，换掉！这年头，编密码都编白了头！

 

[西西妈]

保险起间，把开通时使用的付款信用卡移除paypal帐户了。

 

[西西妈]

不是码工实在冤啊

 

[shimh]

通过手机的网给了他们一个stupid.com的paypal帐号加上白痴的密码。 IE已经报告这个网站不安全。应该不会有人上当。

Paypal本身是安全的。否则，他们就直接去你的帐号了，还用发钓鱼的邮件？