# PayPal Help!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!1



## RamistThomist (Oct 8, 2006)

I got an email from what looks to be "PayPal" asking to confirm that I bought a $700 laptop from Dell. I did no such thing. It said to go to PayPal's page to contest and deny the transaction by going to "History" and clicking "Cancel transaction." I did that, entered my account, and saw that I had no transactions in my history (which would be right). What gives?

1) Was this email from PayPal?
2) What do I do next?

Here is what the email looked like:



> Dear member,
> 
> This email confirms that you have paid [email protected] $699.99 USD using PayPal.
> 
> ...


----------



## C. Matthew McMahon (Oct 8, 2006)

Send me the $700, I'll take care of it. 

Its spam. 

Send it to Paypal as a reporting of malicious spams. (They have a section of the site to report things like that.)


----------



## RamistThomist (Oct 8, 2006)

> _Originally posted by C. Matthew McMahon_
> Send me the $700, I'll take care of it.
> 
> Its spam.
> ...



I emailed it to PayPal. They said to do the following:


> . Log in to your account at https://www.paypal.com
> 2. Select the "Resolution Center" subtab.
> 3. Click "Open a dispute."
> 4. Select "Unauthorized transaction," then click "Continue."
> ...



I am getting stuck at #5. When I enter what I think to be the spurious ID, it takes me to my history page, showing no transactions (which appears safe on first glance).

However,
They also sent me this:


> Our fraud prevention team is working to disable any website linked to
> this email. In the meantime, please do not enter any information into
> this website. If you have already done so, you should immediately log
> into your PayPal account and change your password, as well as your
> ...



Well, I originally went to PayPal's page to contest this stuff. I fear, but can't tell, if I went to the spam page and now they have my info. Well, I am about to change all that now and email the bank, etc.


----------



## Civbert (Oct 8, 2006)

Did you use a link on the e-mail to get to paypals? Did the e-mail have a link to paypals?


----------



## RamistThomist (Oct 8, 2006)

Here was the link within the email:
http://staylocked.com/www.paypal.com/cgi-bin/login.html


----------



## RamistThomist (Oct 8, 2006)

I logged in and was at PayPal's homepage (or at their site).


----------



## Scott Bushey (Oct 8, 2006)

Jacob,
If you have a Paypal account, simply log in (don't use the suspicious link) and see if there are any logged transactions against your account. I would be suprised if you find the charge; these emails are common spam.


----------



## RamistThomist (Oct 8, 2006)

I logged into paypal. There is nothing in my history.


----------



## fivepointcalvinist (Oct 8, 2006)

> _Originally posted by Draught Horse_
> I logged in and was at PayPal's homepage (or at their site).



that was the wrong thing to do. what you received was called a phish (fish) email and you took the bait! you have given them your username and password and they can withdraw funds and make purchase with it. you need to go IMMEDIATELY to your paypal account through

www.paypal.com 

and change your password and check to see if they have added any emails to your email list.


----------



## Scott Bushey (Oct 8, 2006)

> _Originally posted by Draught Horse_
> I logged into paypal. There is nothing in my history.



You've been SPAMMED; ignore it!


----------



## RamistThomist (Oct 8, 2006)

> check to see if they have added any emails to your email list.



How do I do this?


----------



## RamistThomist (Oct 8, 2006)

It says my monthly receiving limit is 500. That means that the 700 (attempted) transaction wouldn't work?

I know you said ignore it, Scott, but I am just trying to get all my bases covered.


----------



## turmeric (Oct 8, 2006)

I got one of these and I don't even use PayPal, it's probably spam OR phishing.

*Always* delete these kinds of email without responding, then contact PayPal or the bank or whoever they represented themselves to be and ask if they contacted you. BTW, banks *never* do this, they always go through the mail.

[Edited on 10-8-2006 by turmeric]


----------



## polemic_turtle (Oct 8, 2006)

shoot, man, what happened is you got phished, like 5point was saying. Their goal was to get you logged into their look-a-like fake Paypal account with your username/password, which they would record for future use. As 5point said, GO TO PAYPAL AND CHANGE YOUR PASSWORD. Type the address into the bar yourself to be sure you're going to the actual site( there are many fakes which look exactly the same ) and change your password before they do that themselves.

I've had a bank phish e-mail sent to me. I clicked on the link, knowing it wasn't even my bank, and I arrived a very convincing look-a-like. I logged in with a madeup username and password and _it let me in_, acting as though I had really logged into a banking account. Since I made the details up, I know they were just logging my information I entered in. You've had the same thing happen to you; No, they didn't really charge a laptop to your account, but now they have your password and could possibly charge whatever they wished to. Your receive limit refers to how much income you can receive from other people( eBay and the like ), not to how much you can spend. So they can send much more than $500 now; they've got the access to your whole account! CHANGE YOUR PASSWORD!


----------



## RamistThomist (Oct 8, 2006)

> No, they didn't really charge a laptop to your account, but now they have your password and could possibly charge whatever they wished to. Your receive limit refers to how much income you can receive from other people( eBay and the like ), not to how much you can spend. So they can send much more than $500 now; they've got the access to your whole account! CHANGE YOUR PASSWORD!



Well, I've changed the password.


----------



## Scott Bushey (Oct 8, 2006)

I agree w/ Tyler; If you went to their fake site and logged in, you are at risk; go to your pp site and change all your information.


----------



## polemic_turtle (Oct 8, 2006)

That ought to be enough to keep them out of your account, unless you'd possibly want to change your password question. They probably haven't gotten around to trying your account yet; they get hundreds of fakes they have to try out, probably. Worth considering.


----------



## RamistThomist (Oct 8, 2006)

Thanks a bunch, Tyler; that was helpful. Well, I have changed all my account information. I went to the credit card page and it said I had no cards activated on my account (I really am pre-modern). But I will change the password questions.


----------



## fivepointcalvinist (Oct 8, 2006)

> _Originally posted by Draught Horse_
> 
> 
> > check to see if they have added any emails to your email list.
> ...



in your account home their should be a tab that says:

profile

then go to where it says

email

make sure none have been added. they use email addresses to log into your account and make purchases but they need the password too, so once youve changed it you should be fine. for precaution, change any ebay info that is the same as your paypal account (passwords)


----------



## RamistThomist (Oct 8, 2006)

The only email address there is the one I manually added this afternoon.

PS: I have never made any transactions on ebay, For what it's worth.


----------



## fivepointcalvinist (Oct 8, 2006)

> _Originally posted by Draught Horse_
> The only email address there is the one I manually added this afternoon.
> 
> PS: I have never made any transactions on ebay, For what it's worth.



if you have an ebay account with the same password, it doesnt matter. most who have paypal have an ebay account, so change the ebay password too.


----------



## RamistThomist (Oct 8, 2006)

I don't have an ebay account. Don't know how that figures into the equation.


----------



## fivepointcalvinist (Oct 8, 2006)

> _Originally posted by Draught Horse_
> I don't have an ebay account. Don't know how that figures into the equation.



never mind...


----------



## Semper Fidelis (Oct 8, 2006)

> _Originally posted by Draught Horse_
> 
> 
> > No, they didn't really charge a laptop to your account, but now they have your password and could possibly charge whatever they wished to. Your receive limit refers to how much income you can receive from other people( eBay and the like ), not to how much you can spend. So they can send much more than $500 now; they've got the access to your whole account! CHANGE YOUR PASSWORD!
> ...


Shwew! I was reading this thread waiting to see you had, in fact, changed your password after you logged into the Phishing site. When I read you had followed the bogus link and logged into the fake Paypal site I got really concerned.

Changing your password will protect the account.

I've actually had my Paypal account compromised in the past and they emptied my Paypal account of $150. I hadn't responded to any phishing e-mail but I had sloppy password practices at the time.


----------



## C. Matthew McMahon (Oct 8, 2006)

I have at least one of those silly emails a day sent to me.

Just delete them.

Jacob - 

If you still need help, send me the $700 and I'll see what I can do! 

Just kidding!

Change your password, and you should be safe.
You may even want to change it once more time just in case.

If there is no transaction history, nothing has hapopened yet.

Remember - those spammers (thieves) have to sort through hundreds of thousands of emails in order to then log into an account that has responded to them...


----------



## RamistThomist (Oct 8, 2006)

Thanks guys. That was a big help. I changed my password several times (its "theonomy." just kidding). I changed my address (I am a pilgrim on this world so its honest) and a few other things. That should work.


----------



## NaphtaliPress (Oct 8, 2006)

Make sure no one added an email account (Profile, Email). Should only have your email listed.


----------



## Civbert (Oct 8, 2006)

As a rule - NEVER go to paypal or any other account you have using a e-mail link! 

The link in the e-mail will take you to a site that looks just like to real paypal. When you login - you have just given the phisher all the information they need for an identity theft. They will try to use that information to hijack your paypal to steal you funds. Luckily you seem to have gotten to your paypal account on time. But I'd consider closing that paypal account altogether. Then checking with your credit card company and/or bank to make sure no funds have been stolen. Later you can open a new paypal account. Check with paypal and see what they recommend.


Always go to paypal or any bank or credit card accounts you have online by typing in the address directly or by using the link you have in your bookmarks or favorites. 

Never follow an link in an e-mail. The link in the email will look just like this: www.paypal.com and will take you to some site that looks _almost_ like paypal. Notice my link takes you to Wikipedia instead, but the phishing site will look something like "www.paypal.securitysafe.com.net.org/login.php" or "wwwpaypal.com.org/trust-us/you-are-safe/dont-worry/login.asp". But it's someone who is trying to steal your paypal login information. These guys are tricky.

Also, in MS Outlook - if you try to add them to you spam list - Outlook will add paypal's real e-mail to the block list instead of the phisher's. So the phisher can still send you e-mails, but legitimate paypal e-mails will be blocked. I don't know how they do that, but I've tried several times to block the phishing e-mail only to check the list of block e-mails to find paypal.com being blocked. Very tricky.




[Edited on 10-8-2006 by Civbert]


----------



## Civbert (Oct 8, 2006)

> _Originally posted by NaphtaliPress_
> Make sure no one added an email account (Profile, Email). Should only have your email listed.


----------

