Beware PayPal scam
Hi All,
Just wanted to let everyone know, there is an incredibly realistic PayPal scam going on at the moment. We've received two in the past two days with the subject "You have a money request".
With a message attached:
NOTE FROM Angel Escobar:
quote
We've detected that your PayPal account has been accessed fraudulently. If you did not make this transaction, please call us at toll free number +1 (888) 243-0354 to cancel and claim a refund. If this is not the case, you will be charged $500. 00 today. Within the automated deduction of the amount, this transaction will reflect on PayPal activity after 24 hours. Our Service Hours: (07:00 a. m. to 06:00 p. m. Pacific Time, Monday through Friday).
The real contact number for PayPal is 888-883-9770.
They attach this note and send a genuine request to PayPal, which then sends a real message from PayPal to your account. But, all the details are otherwise bogus. (The "From" clearly states service@paypal.com). By sending the request with the user attached message it looks entirely legitimate. But they are forcing an HTML button and a number of other links which are dangerous.
I have reported both incidents to PayPal, and they have confirmed to me that the requests are bogus, and I will not be "automatically charged" either. Comically, this has been coming to a disused PayPal account that I had previously in Australia, I had forgotten about it actually until I got these two requests. It's a really insidious scheme, because the request does come from another PayPal account, which PayPal will shut down as soon as it's reported.
SO, if you get any unusual, unexpected requests (both of mine have been for odd amounts over $500, but under $600), that you didn't expect/remember buying from someone, report it to phishing@paypal.com they have been very helpful and very appreciative. Now, I cant close that account until all the "transactions are cleared", but PayPal are working with me to help get that resolved as well.
Beware the scammers! This one is REALLY easy to miss.
Just wanted to let everyone know, there is an incredibly realistic PayPal scam going on at the moment. We've received two in the past two days with the subject "You have a money request".
With a message attached:
NOTE FROM Angel Escobar:
quote
We've detected that your PayPal account has been accessed fraudulently. If you did not make this transaction, please call us at toll free number +1 (888) 243-0354 to cancel and claim a refund. If this is not the case, you will be charged $500. 00 today. Within the automated deduction of the amount, this transaction will reflect on PayPal activity after 24 hours. Our Service Hours: (07:00 a. m. to 06:00 p. m. Pacific Time, Monday through Friday).
The real contact number for PayPal is 888-883-9770.
They attach this note and send a genuine request to PayPal, which then sends a real message from PayPal to your account. But, all the details are otherwise bogus. (The "From" clearly states service@paypal.com). By sending the request with the user attached message it looks entirely legitimate. But they are forcing an HTML button and a number of other links which are dangerous.
I have reported both incidents to PayPal, and they have confirmed to me that the requests are bogus, and I will not be "automatically charged" either. Comically, this has been coming to a disused PayPal account that I had previously in Australia, I had forgotten about it actually until I got these two requests. It's a really insidious scheme, because the request does come from another PayPal account, which PayPal will shut down as soon as it's reported.
SO, if you get any unusual, unexpected requests (both of mine have been for odd amounts over $500, but under $600), that you didn't expect/remember buying from someone, report it to phishing@paypal.com they have been very helpful and very appreciative. Now, I cant close that account until all the "transactions are cleared", but PayPal are working with me to help get that resolved as well.
Beware the scammers! This one is REALLY easy to miss.
Comments
Over the years I have been entertained by YouTube videos by people who mess with phone scammers, with the scammers usually set up somewhere in India. This past summer I switched my phone service to the least expensive I could find, a company called Easy Wireless. They specialize in free phone plans from the government for individuals who qualify based on income. They had just started up a monthly phone service for only $5.20, with anyone qualifying even if not meeting the low income threshold. Since I rarely use my phone (maybe once a month at most), this seemed like a good deal to me. So I switched over their service.
About two months after starting their service, I turned my phone on to make a call. My call was blocked, with a message stating that I owed $7.20. I needed to call a number to take care of this charge before any calls would be allowed to go through. I did so and got a service center that was obviously located in India based upon the accent of the person who was talking to me. I asked about this charge to my account and that person stated that they first needed to verify my account. So they started asking me for all kinds of information. When they asked for my full Social Security number, I balked. I asked them why they needed this and they just kept repeating that it was necessary to verity my account. I got upset, started yelling at them that I wasn't going to give them my Social Security number and demanded that they shut down my account. They just kept asking for my Social Security number, so I finally yelled, "You're located in India, aren't you?" Just like that they said that they would close my account and ended the call.
The next day I went into the Easy Wireless office here in Duncan to make sure the account was closed. They said that it was. So that was the end of that. But I never did find out about that $7.20 charge against my account and was never asked again to pay it.
Those YouTube videos I have seen in the past have stated that in some of these call centers in India the employees at night, on their own and unknown to their employers, set up scam centers using the a legitimate company's office and equipment. Since the American company probably just contracts this service out to another company located in India, contacting the American company directly probably won't help. When I went into the Easy Wireless office the employee there said that he could not do anything about it, that the problem was with the corporate office not caring to take care of it.
And then at the beginning of this month I ran into a problem logging into my Yahoo email account. I had been using this email address for a couple of decades without a problem. Suddenly I was asked to log in and could not. So I called the help number and again got a phone service center in India. Again they kept asking for more and more information to verify the account and again got to the point where they wanted my full Social Security number. After some yelling on my part, I shut down that call and got a new email address from a different provider.
Scams abound. I just got hit with two of them within a couple of months.
But now my biggest problem set in. I hadn't changed my phone number on record with many of the businesses I deal with after changing my phone number in late summer because I just don't use my phone for anything. When I then changed my email address and tried to change my email address on record with all the businesses I work with (think bank, credit cards, PayPal, dentist, doctor, utilities, HipStamp, etc.), they all try to send a verification email to you to verify the new phone number, or in the case of notifying them of a new email address, they try to text your phone to verify the email address. What a mess that all turned out to be.
Very long message, but it gave me a chance to vent and release some residual frustration from the past few months.
Yes, the main point about my message is that this DOES look legitimate, because they initiate the scam directly, and then it's PayPal's automatic messaging that sends you the message with their "Message within the message" sent as a note. So suddenly it's like, "Oh, I have to pay this".
The real giveaway in their message is the time pressure... "This will happen automatically within 24 hours". They have several links in the ail that I'm sure no matter what you click, it will end up going to their fake site, including their fake "toll free" support fine.
This is one of the more clever ideas, because even clicking the "PayNow" button is legitimate (there is a REAL request for money in your PayPal account). Once you pay it, it's gone...
PayPal used to have an email address you could forward it to but I have not seen any for a long time now since I have a good anti-virus program and I use Thunderbird as my email program. When I quit using Microsoft Outlook a number of years ago is when I quit getting the scam phishing emails.
I noticed the fraudulent transaction charge right away because I didn't recognize the "company" listed. And I didn't buy anything for exactly $40. I also found it strange that PayPal & the "company" were on my bank statement/history listed in lower case letters. Any PP transactions I do, show up on my bank statement in all capital letters.
I then logged into my PP account. Sure enough; no transaction/record of that transaction in my PP account. I don't know(bank doesn't even know either); if it's actually a PP transaction. If it is, it wasn't done through my PP account. I suspect it's not even a PP transaction, just disguised as one(the address listed for the transaction I believe is PP headquarters).
I searched online some & found past discussions in older forums that were very similar to this fraudulent activity. People affected immediately tried/try to go to PP for resolution, but that will get you nowhere. They can't & won't do anything about it, because it seems like it's not even a PP transaction. So there's no record of the transaction on their end.
Like I had to do, you need to immediately cancel that card at your bank. Then dispute the transaction with your bank. I'm still in the dispute process with my bank.
It seems weird to me, my bank doesn't want to/won't look at my PP history. I can instantly prove that purchase isn't in my PP history & I didn't do it. (So if they don't eventually reverse the transaction; I'll definitely be banking elsewhere).
Again, I'm not even sure it's even related to PP at all. Other than stamps, I typically don't buy much online. And I usually only buy stamps here & the "other place". I've never & probably will never buy anything from Am*z0n.
I definitely can't say for sure if it has anything to do with 2 transactions overseas I made through PP. But a few days after I did the 2 transactions on the stamp site based in Belgium; the fraudulent transaction showed up. So if you use that site, I'd watch your CC/bank statement closer.
The previous similar scam/fraudulent purchases I found discussions on; where linked to foreign countries(not in US).
Just wanted to make everyone here aware of this recent fraud I encountered. Keep a close eye on your bank statement/transaction history for purchases disguised as a PP transaction! The fraudulent transaction probably won't actually show up in your PayPal transaction history.
Take Care!
JT
As you probably know you can look at the source of the email to find out where it came from.
I am curious what you find.
That's the point... It comes FROM PayPal. What happens is, the person initiates a paypal request using your email address (they can jus randomly try email addresses against PayPal, but if they KNOW you're PayPal address, which they can get from many sources, including exploiting data from other's hacks, and if you just "pay it", then you're out the money.
When they make the request they can leave a "note", that note then shows up in the middle of the email, where they put lots of other information in, including a bogus number to call, and the possibility of an "auto payment within 24 hours unless otherwise cancelled". I guess this is meant as a "call to action" to fool the unsuspecting into just paying the request, even though they have no idea who it is.
So this is my point, this one is SO nasty, because they ARE actually exploiting a "feature" of PayPal to fool people, and the source of the message IS PayPal's own systems.
Its not really "phishing" in the traditional sense, it is instead "fooling" you to make a payment for something you didn't actually buy (nor is there any "product or service" attached, just a bill...
They immediately withdraw the money, and then skip town. I'm also guessing these requests are originated from legitimate accounts that have been taken over as well.
The "look at the source of the email"... yes for most idiots that are phishing, they just launch from some account that is bogus, but for the very clever, there is also email "spoofing". I can easily send you an email that has an email address of @whitehouse.gov or @powerball.com and you'd be none the wiser.
Okay I see what you are talking about and they are using a closed PayPal account that you had so you can not check to see if they had sent you an actual invoice.
I once had someone do something like this to me with an invoice they actually sent to me from PayPal and I got hold of them and told them this was bogus and they took it off.
The best thing to do is to forward it to PayPal and tell them it is a bogus invoice on a closed account and they should take care of it.
Yes these scams are bad and like Harry says the same as the Amazon calls which I never answer or if I do I just keep on punching the number sign if I do and they don't call again. LoL
https://www.ecommercebytes.com/C/abblog/blog.pl?/comments/2022/12/1669929933.html/1/0#1669945920
https://www.zdnet.com/article/watch-out-for-this-triple-pronged-paypal-phishing-and-fraud-scam/
To report a suspicious email or website, forward it to phishing@paypal.com and we’ll investigate it for you. After you send us the email, delete it from your inbox.