Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor.

To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification.

If investing please consider our affiliate link for new accounts: Sharesies.



ForumsFinance and wealth managementPaypal 'phishing' e-mail from Paypal itself?
nigelj

856 posts

Ultimate Geek
+1 received by user: 125


#90890 2-Oct-2011 15:43
Send private message

I got an e-mail today that looks a bit odd, and if it didn't come from Paypal's own MX servers and if SPF/DKIMs checks didn't pass I'd believe it was a phishing e-mail but it just seems a bit odd.

The e-mail says:

 ----------------------------------------------------------------------
We have unregistered your mobile device
----------------------------------------------------------------------


Dear {$ME},

This Apple® mobile digital device was removed from your PayPal account: JC’s iPod.

The next time you log in to PayPal on this device, it will link to your account again.

When your device was removed, push notifications about PayPal transactions on your mobile device or online
+were disabled. You can enable push notifications by editing the settings/preferences in your PayPal app.

Apple is a trademark of Apple Inc., registered in the U.S. and other countries.
Yours sincerely,
PayPal

----------------------------------------------------------------------
Help Center:
https://www.paypal.com/nz/cgi-bin/helpweb?cmd=_help
Security Center:
https://www.paypal.com/nz/security


Now, it just happened to come through on a Paypal account, I haven't used in ages (I have two, but there was a country of account issue with one of them which was a bit messy), I put it off as phishing, but decided to check the headers and the DKIM Signature appears to be fine, SPF Passed, and it came from an MX that resolves properly and the IP used, is owned by eBay (which owns Paypal).

Apart from owning two iPod Nanos (which can't connect to the Internet and certainly aren't named JC's iPod, my Paypal creditials have never been close to a mobile iDevice.

I can't find anywhere on the Paypal site that shows me if an iDevice has never been registered against my account, and from a Google search (http://www.liquidsilver.org/2011/02/paypal-hacked-maybe/), this message does seem to be generated if the account is been used by scammers/fraudsters to steal funds (no Credit Card attached to this account makes me glad).

Does anyone know of any method I can track down how/why/legitimacy of the message (other than e-mail headers) (I am intending on contacting Paypal, but looking around my Paypal account, definately requires a map or something which they don't provide).

Create new topic
MacBook
1 post

Wannabe Geek


  #529029 4-Oct-2011 13:54
Send private message

I received the identical email today, forwarded on to spoof@paypal.com

If it is a phishing email, it's the least useful I have ever seen!


We have unregistered your mobile device Hello xxxxxxx,

This Apple® mobile digital device was removed from your PayPal account: JC’s iPod.

The next time you log in to PayPal on this device, it will link to your account again.

When your device was removed, push notifications about PayPal transactions on your mobile device or online were disabled. You can enable push notifications by editing the settings/preferences in your PayPal app.

Apple is a trademark of Apple Inc., registered in the U.S. and other countries.



nigelj

856 posts

Ultimate Geek
+1 received by user: 125


  #529213 4-Oct-2011 22:23
Send private message

MacBook: I received the identical email today



Glad I wasn't the only one then, I was thinking of a similar thing, and because I couldn't verify anything or even see if there are/were devices attached to my account, it was really suspect.

I got a follow up e-mail today which basically said that "Your account has been limited because something has happened" although again, the only detail on what 'something' may be, is a suspect login to the account.

What I don't get, is even if someone got into my account (and realized that there was only 6NZD in it, and no credit cards etc linked) why didn't they take the pitance that was in my account?

I think I might have to e-mail them and ask what the heck is going on.

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright