If you get a message like this that landed in the trash folder of your email client DON’T JUST LEAVE IT THERE FORWARD IT TO THE PROPER AUTHORITIES TO SHUT THESE PEOPLE DOWN!
This particular piece of mail had an extremely suspicious header even though it was forwarded to my main address from my email@example.com account:
Received: from [184.108.40.206] by mx254a.mysite4now.com [220.127.116.11] with SmartMax MailMax for firstname.lastname@example.org; Fri, 05 Aug 2005 11:07:05 -0700
Received: from 201-0-91-38.dsl.telesp.net.br ([18.104.22.168])
by sccrmxc20.comcast.net (sccrmxc20) with SMTP
id <20050805175955s2000f9dgge>; Fri, 5 Aug 2005 18:00:16 +0000
Received: from web33.nix.paypal.com (web87.nix.paypal.com [10.192.2.49]) by smtp-outbound.nix.paypal.com (Postfix) with SMTP id 659NB1CC814 for <email@example.com>; Fri, 05 Aug 2005 10:56:21 -0800
Received: (qmail 84229 invoked by uid 92); Fri, 05 Aug 2005 10:56:21 -0800
From: "Paypal Security" <firstname.lastname@example.org>
Reply-To: "Paypal Security" <email@example.com>
Subject: New Security Requirements
Date: Fri, 05 Aug 2005 10:56:21 -0800
X-NAS-Bayes: #0: 4.39383E-066; #1: 1
Dear valued PayPal® member,
Due to recent fraudulent transactions, we have issued the following security requirements.
It has come to our attion that 98% of all fraudulent transactions are caused by members using stolen credit cards to purchase or sell non existant items. Thus we require our members to add a Debit/Check card to their billing records as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. Your Debit/Check card will only be used to identify you. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the PayPal® service. However, failure to confirm your records will result in your account suspension.
We are requesting this information to verify and protect your identity. Federal regulations require all financial institutions to obtain, verify, and record identification from all persons opening new accounts or obtaining ongoing payment services. This is in order to prevent the use of the U.S. banking system in terrorist and other illegal activity. For these reasons, PayPal® will utilize services provided by various credit reporting agencies to verify the information you submit to us.
Once you have updated your account records your pending PayPal® account transactions will not be interrupted and will continue as normal.
To update your billing records please login to your account by clicking here. (DO NOT CLICK HERE UNDER ANY CIRCUMSTANCES!!!) This web site with the following querry string http://paypal.signin2.com/cgi-bin/webscr.html?cmd=_login-run points to GOD ONLY KNOWS WHO’s home desktop pc just like a loaded pistol!
Thank you for your time,
PayPal® Billing Department.
I’m forwarding this belligerently obvious case of of fraud to the proper paypal authorities, and with any luck, we’ll never hear from these people at this particular domain again…