PayPal Account Suspension Notification Phishing Scam

Date: 27 September 2007
Received from "Services PayPal" <services@intl.paypal.com>
Subject: Your account has been suspended

PayPal September 2007

Shop without sharing your financial information. PayPal. Privacy built in. Learn more.

Shop without sharing your financial information. PayPal. Privacy built in. Learn more.

Shop without sharing your financial information. PayPal. Privacy built in. Learn more.

Shop without sharing your financial information. PayPal. Privacy built in. Learn more.

Your account has been suspended!
PayPal Security Measures.

Dear PayPal Member,

Your account has been suspended in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your Paypal account and to ensure a safe PayPal experience. We require all flagged accounts to verify their information on file with us. To verify your information at this time, please visit our secure server webform by clicking the hyperlink below:

Click here to verify your Information

If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.
Thank you for your patience as we work together to protect your account.


Shop without sharing your financial information. PayPal. Privacy built in. Learn more. Shop without sharing your financial information. PayPal. Privacy built in. Learn more.
?Helpful Links: ID Theft Resources | Help Center | PayPal Shops | Password Help
Please do not replay to this e-mail. To modify your notification preferences, log in to your PayPal account, click the Profile sub-tab, then click the Notifications link under Account Information. Changes may take up to 10 days to be reflected in our mailings. PayPal will not sell or rent any of your personally identifiable information to third parties.
Copyright ? 2007 PayPal Inc. All rights reserved. Designated trademarks and brands are the property of their respective owners. PayPal is located at 2211 N. First St., San Jose, CA 95131.

PayPal Phishing e-mails like this one threatens the safety of even the most vigilant PayPal user. Each element of the e-mail links to a resource on the PayPal website, even the TRUSTe and BBBOnline banners link to the appropriate verification pages. PayPal users may easily mistake these links for information only available to PayPal. Links to verification pages are available to the public so anyone can add them to an e-mail, making it look like something only PayPal can do.

The e-mail even contains links to ID Theft Resources, the PayPal Help Center and even Password Help, all linking directly to the genuine PayPal website. Again the scammers want to create the impression that only PayPal will include these links in their e-mails and that they will never bluff themselves by pointing their victims to resources that educate them against phishing tactics. The scammers only do this to add a false sense of security and legitimacy to their e-mails.


Date: 28 September 2005
Received from a spoofed support@paypal.com e-mail address
Subject: PayPal Notification ( Your account is suspended )

Dear PayPal Member,

PayPal is committed to maintaining a safe environment for its community of buyers and sellers. To protect the security of your account, PayPal employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the PayPal system for unusual activity.

Recently, our Account Review Team identified some unusual activity in your account. In accordance with PayPal's User Agreement and to ensure that your account has not been compromised, access to it was flagged.You will remain flagged until this issue has been resolved.
This is a fraud prevention measure meant to ensure that your account is not compromised.

In order to secure your account and quickly restore full access, we may require some specific information from you for the following reason:

Our system requires further account verification.

Case ID Number: PP-056-245-481
We encourage you to log in and restore full access as soon as possible. Should your account remain flagged for an extended period of time, it may result in further limitations on the use of your account or may result in eventual account closure.

-----------------------------------------------------------------------
Please click on the link below to log in and restore full access to your account. https://www.paypal.com/cgi-bin/webscr?cmd=_login-run
----------------------------------------------------------------------

Thank you for your prompt attention to this matter. Please understand that this is a security measure meant to help protect you and your account. We apologize for any inconvenience.

Sincerely, PayPal Inc.

PayPal Email ID PP562

The e-mail above has all of the characteristics of a scam, the generic greeting, the link points to an URL that starts with an IP address and the request for account verification. This e-mail is done in a very subtle manner. They do not explicitly ask you for your personal information and they require you to log in on a secure server. A user who doesn't know how to look for fake e-mails may easily be tricked by this one.