PayPal Phishing Scam - Notification of Limited Account Access

[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]

VERY IMPORTANT INFORMATION, READ THIS FIRST: The example and associated information published on this page are subject to the SHPAMEE Terms Of Use. Please familiarise yourself with these terms before viewing or using any information on this page.

Header:

From: PayPal<service@intl1.paypal1.com>
Date: Tuesday, July 08, 2008 10:35
Subject: PayPal - Notification of Limited Account Access
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_027D_01C8E0EB.F99AFE80"

*** REST OF HEADER MISSING ***

Body:

Dear PayPal account holder,

PayPal is constantly working to ensure security by regularly screening the accounts in our system. We have recently determined that different computers have tried logging into your PayPal account,and multiple password failures were present before the logons.

Until we can collect secure information, your access to sensitive account features will be limited. We would like to restore your access as soon as possible, and we apologize for the inconvenience.

Why is my account access limited?

Your account access has been limited for the following reason:

July 7, 2008: We have reasons to believe that your account has been accessed by a third party. Therefore, we have limited access to sensitive account features until identity confirmation. We understand that having limited access can be an inconvenience, but protecting your account is our primary concern.

(Your case ID for this reason is PP-379-647951-112.)

How can I restore my account access?

Please visit the Resolution Center and complete the "Steps to Remove Limitations." To visit the Resolution Center, please follow the link below:

Resolution Center

NOTE: If you received this message in your SPAM / BULK
folder, that is because of the restrictions implemented by
your ISP or mail provider.

Thank you for using PayPal!
The PayPal Team

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.

Comments:

We have recently determined that different computers have tried logging into your PayPal account...

You should only access your PayPal account from computers that you can trust (for instance a computer at an Internet Cafè is not a trustworthy computer). But the fact that your PayPal account has been accessed from different computers, is not necessarily an alarming sign. For example, it is not uncommon for people who travel a lot, to access their PayPal account from different computers. Some people access their PayPal account from work and at home. There may be times when you need to access your account from the PC of a family member or a friend. So it would be stupid to impose restrictions on an account based on the criteria supplied in this e-mail.

... and multiple password failures were present before the logons

How can a password failure occur before a login attempt?

Until we can collect secure information, your access to sensitive account features will be limited.

Secure information like what? PayPal already have everything they need to verify your identity, what more can you offer them if you already gave them everything?

Why is my account access limited?

Your account access has been limited for the following reason:

Does this scammer suffer from Alzheimers? He just gave you some ridiculous reason in the introductory paragraph of the e-mail and now he repeats himself once again. Do you really believe PayPal will be as sloppy as this?

NOTE: If you received this message in your SPAM / BULK
folder, that is because of the restrictions implemented by
your ISP or mail provider.

This phishing scammer is absolutely right about this. Those restrictions are there for a reason and one of them is to keep junk like this from reaching your inbox.

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.

What is the use of such a message if the client can't even reply directly to the sender? Once again, no legitimate company will do something like this. The From-address is spoofed and will bounce if the recipient replies to the e-mail. This will automatically expose the scam and the scammer wants to avoid this at all costs.

Related Cyber Criminal Profiles:

No related profiles found.

Similar Spam Examples:

Related Malware Samples:

No related malware samples found.

[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]