You’re probably already familiar with the old phishing scams where someone has passed away/fled a third world country/discovered some long-forgotten funds and needs your “help” to wire the money. For just a small “administrative” fee, the person will share the $15 million amount with you.
Though this online fraud has been exposed some time ago, people are still falling for it.
The latest scam has an interesting twist.
Here’s an email I received:
Dear User, We recently noticed that a transaction may have been made without your knowledge or consent. We are currently investigating the following transaction: ----------------------------------- Details of Disputed Transaction ----------------------------------- Seller's name: Hagio-Host Seller's email: email@example.com Seller's transaction ID: 7YW39066PT6017814 Transaction date: Nov 25, 2008 Transaction amount: -$80.94 USD Your transaction ID: 30L88064FF065545B Case number: PP-587-442-704 To see the details of this case, log in to your PayPal account by following the link below and go to the Resolution Center. https://www.paypaldotcom/login?secure=ssl32?caseid=7YW39066PT6017814?=disputeTRANSACTION The seller has been asked to provide information about this transaction. During this time the funds are not available in your account, but if the unauthorized activity claim is decided in your favor, we will fully refund you for the amount of the transaction. Sincerely, Account Review Department Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and click the Help link in the top right corner of any PayPal page. BC:PP-587-442-704:R1:USD80.94:11/25/2008:30L88064FF065545B
This looks pretty legitimate, however, checking on the hyperlinked address to “fix” this problem, it goes to “http://paypal.update-user-infodotcom/index.htm”
Which is obviously intended to harvest your paypal login and password.
They probably won’t catch too many people with this trick, but still it pays to be careful.
Always check the originating domain and you’re unsure, go to the Paypal website and drop them an email.