Chat with our moderator team every Wednesday between 1-2pm PT (4-5pm ET). Learn more in Community Events
Well, if this email is legit, why is there no prompts from inside PP to do anything? Why should we have to look around in a forum to find this out? You know we all get phishing scams regarding our PP accounts, and when we log in we still see nothing about this, which makes many of us suspicious. If these changes are made and mess up our accounts, you will get hundreds of thousands of inquiries about this. So perhaps you guys should be all over this. Send us a message from inside PP to tell us how do our upgrades.
^Precicely what I wanted to say. This is a mind-bogglingly irresponsible way of handling this. I was 98% sure this WAS a phishing scam, until I googled and found this topic.
Also, as other people have noted, I'm only a merchant through ebay and Etsy, so I would assume any changes that needed to be made would be their responsibility. Which makes this email unneccesarily confusing and alarming (and also more likely to be assumed a scam).
I forwarded mine to firstname.lastname@example.org, I advise everyone else to do the same, let them figure it out for us. I looked at the full headers of the message and it looks like it wasn't sent from actual paypal website at all. They just put in paypal.com as sender but that is possibly fake.
I've just had a message like this too. I took a look at the raw code of the email and found images linked to this url (Don't click on it) : http://img.ed4.net
I did a google search and found that this URL was also used on this page:
It's definitely a scam.
I just received this email yesterday. I forwarded it to spoof dept at PP.
But I am confused, are you saying it IS or IS NOT from Paypal? It had my FIRST and LAST name on it, which is a bit concerning as they usually do not have my name.
I am still confused too-not even the paypal admin knows for sure? I tried to forward it to email@example.com but my mail program shut down-just a coincidence I suppose, but still...
I received an email with the subject: IMMEDIATE ATTENTION REQUIRED: PayPal service upgrades.
It is telling me:
"As we have previously communicated to you, PayPal is upgrading the certificate for www.paypal.com to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product. ... You’re receiving this notification because you’ve been identified as a merchant who has used IPN endpoints within the past year. If you have not made the necessary changes, we urge you to do so right away to avoid a disruption of your service!"
It links to webpages which do not make it clear at all what I need to do. It says I have used Instant Payment Notification. Is that referring to the fact that I get emails when someone has sent me money? Are there instructions somewhere that would tell exactly what I need to do or even if I need to do it?