Phishing Attempt PayPal / Avangate BV
We identified via our Support center that some people were asking about an unknown “charge” in their Paypal from Avangate. It seems they received a deceitful email trying to trick them into giving away their PayPal information.
The email came from a yahoo.com address acting as the “Fraud Department” of PayPal and contained a false notification that Avangate BV charged their accounts and a link “Click HERE TO REFUND“, leading them to a forged to look like PayPal website.
Phishing Attempt PayPal / Avangate BV
The fake website has already been banned (reported for web forgery).
When you receive PayPal phishing attempt you can report it to spoof@paypal.com and also delete it from your inbox.
To make sure you are never the victim of a phishing attack, always check the URL and the security elements like HTTPS before entering login information to any website.
If you want to further prepare for coping with phishing emails, we recommend reading on the PayPal website about ways to recognize fake emails.
Please comment below if you need more details or advice on this issue.
January 19th, 2010 at 9:14 pm
[...] This post was mentioned on Twitter by Avangate , Roxana Patrichi and Rick Davies, Cristian Badea. Cristian Badea said: RT @avangate New post: Phishing Attempt Paypal / Avangate BV http://bit.ly/5AKbVt [...]
January 21st, 2010 at 11:02 pm
I received that same phishing email this morning, it was the same except the amount was $497.99. It really freaked me out because I wasn’t able to see the senders email from my iPhone. I immediately got on my computer and logged into my paypal account. Then I googled Avangate BV and found this. Please remind everyone not to click the link in the email but to go directly to paypal.com if they want to check their account. This goes for any email you receive regarding your paypal account!!!
January 26th, 2010 at 3:50 am
[...] Phishing Attempt PayPal / Avangate BV [...]
February 8th, 2010 at 2:26 pm
The same thing happened to me but I havent read an email. Instead, whoever did this ran my account up to 300+ dollars! I am furious! How can this get fixed so everyone can sleep at night?
February 8th, 2010 at 8:34 pm
@Travis Jones first of all, change the password of your email address, just in case, even if you didn’t click on a fake link in an email. Then, to get your money back, contact your bank (or PayPal) and tell them what happened.
Unfortunately, phishing attempts will probably always happen, that is why it’s important to learn how to prevent becoming a victim of one. Do try browsing through the generous documentation PayPal offers on this matter: https://www.paypal.com/cgi-bin/webscr?cmd=xpt/Marketing/securitycenter/general/Index-outside and chose the best way to stay protected.
Basically, the bigger part of the fix is in your hands, if you follow a few simple guidelines, chances of future unauthorized access to your account go really down:
- never ever share your account private details with anybody;
- before entering information about your Paypal / bank account on the web, double check the URL, make sure it is a https one, not a simple http;
- double check the security certificate of the page asking for your account details.
May 13th, 2010 at 11:07 pm
I just got a phishing attempt from PayPal (don’t worry, not Avangate related but I was doing a search and came across your blog).
Latest one seems to attach a file asking you to click on it to verify a “discrepancy” in your PayPal account..
Looks like this:
From: “PayPal”
Subject: Please Submit Your Refund Payment
Dear PayPal Customer,
During our regularly scheduled account maintenance and verification procedure we have detected a
slight error in your PayPal online account.
This might be due to the following reasons:
1. A recent change in your personal information (ie. change of address, email address)
2. An inability to accurately verify your selected option of payment due to an internal
error within our systems.
Please fill in all the details that are required to complete this verification process.
To do this we have attached a form to this email. Please download the form and follow the
instructions on your screen. NOTE: The form needs to be opened in a modern browser which has
javascript enabled (ex: Internet Explorer 7, Firefox 3, Safari 3, Opera 9)
Please understand that this is a security measure intended to
help protect you and your account. We apologize for any inconvenience.
If you choose to ignore our request, you leave us no choice but
to temporary suspend your account.
Sincerely,
PayPal Account Review Department.
Please do not reply to this e-mail. Mail sent to this address cannot be answered.
For assistance, log in to your PayPal account and choose the “Help” link in the footer of any page.
Content-Disposition: attachment filename=”Verify_Form.html”
Looks like (by reading the full header) the one I got actually was through a hijacked yahoo account from France.
Return-Path:
Received: from clevelandplayhouse.com ([209.187.80.219])
by mx.google.com with ESMTP id 27si949350qyk.90.2010.05.13.05.18.57;
Thu, 13 May 2010 05:19:07 -0700 (PDT)
Received-SPF: neutral (google.com: 209.187.80.219 is neither permitted nor denied by best guess record for domain of srvcs@ppal.com) client-ip=209.187.80.219;
Authentication-Results: mx.google.com; spf=neutral (google.com: 209.187.80.219 is neither permitted nor denied by best guess record for domain of srvcs@ppal.com) smtp.mail=srvcs@ppal.com
Received: from [208.104.18.27] by clevelandplayhouse.com [192.168.0.231] with SmartMax MailMax for angierock2001(@)yahoo.fr; Thu, 13 May 2010 08:23:07 -0400
Return-Path:
X-SmartMax-AuthUser: merlin
January 15th, 2011 at 6:09 pm
I have had many of these emails from paypal and my bank etc. Best thing is to log on when you want to not when someone asks you to, stick to that and visit sites like this directly and you’ll have no problems!