PayPal Community

jeepster2007 · ‎Jun-06-2011

I received this today. Probbly a scam - yes?

Subject: Robert, action recommended: update your browser today
To: *********************************
Date: Monday, June 6, 2011, 10:27 AM

Update your browser today to help keep your PayPal account secure.
Having trouble viewing this email? View online or text version

Help Keep Your PayPal Account Secure – Update Your Browser Now

Hello <name removed>,

It looks like you may be using an outdated browser with known security issues.

Help keep your computer and your PayPal account protected by updating your browser today.


	© 2011 PayPal Inc. All rights reserved. PayPal is located at 2211 N. First St., San Jose, CA 95131.

kellie1127 · ‎Jun-08-2011

Well "adrian", then you explain why when several of us forwarded the browser email to the www.spoof@paypal.com website (which for years we have been told to forward suspicous emails), why they then replied telling us... "The email you received was not sent by PayPal and it links to a fake website. We are investigating and working on stopping the fraud. " Obviously, this forum is of no use, so today was my first time to post and will also be my last.

tad · ‎Jun-08-2011

Long time PayPal user, first visit here in the "community". Forwarded the "update your browser" email which I received on Jun 8 to spoof@paypal.com, and received this reply: "Thanks for reporting that suspicious-looking email. The email you
received was not sent by PayPal and it links to a fake website. We are investigating and working on stopping the fraud."

So now after reading through this thread, I've decided PayPal is neither secure nor worthy of my business. I tried to close my account (which has a zero balance, nothing pending and no outstanding charges) but was unable to. Clicking on the "contact us" link brings up a screen that is non-functional. Now I'm really sure that I need to close my account, NOW. I wonder how much business PayPal will lose over these issues.

techdragon · ‎Jun-09-2011

Actually when I sent it to spoof.... I got confirmation that it WAS sent by Paypal.... so maybe there is both a real one and a scam one out there.

Thank you for bringing this email to our attention. We can confirm that
PayPal sent this email. We apologize for any confusion this may have
caused.

To keep members informed of our products and services, PayPal
occasionally sends emails to account holders. General Notification
emails and Payment Notification emails are activated by default.
Therefore, a PayPal user will need to set their Preferences to 'not'
receive these emails if they so choose.

Please check your Account Profile to ensure that your email notification
preferences are currently set to your desired specifications. You can
choose whether or not to receive these Notification emails by following
these steps:

1. Log into your account at https://www.paypal.com/ by entering your
email address and password in the Member Log In box
2. Click on "Profile"
3. Select "Notifications" under the Account Information tab
4. Select which Notifications you would like to receive
5. Click Save

Sincerely,

The PayPal Team

This email is sent to you by the contracting entity to your User
Agreement, either PayPal Inc, PayPal Pte. Ltd or PayPal (Europe) S.à
r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:
5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118
349.

ElrondPA · ‎Jun-09-2011

Sorry, Adrian, but the email that was sent out is indefensible. Number 1, it is false: You sent the message to me, claiming that I was using an outdated browser, but my browsers (both IE and Firefox) are fully up to date, as reported by both the manufacturers and Secunia, an update manager I use that alerts me if anything is out of date. Compounding that failure, www.paypal.com/safebrowser makes the exact same claim, without providing any reason for it. (The "may be using" weasel words are no excuse.) Number 2, it is structured exactly like a phishing email, asking people to do exactly what you've always told them not to do. While the fact that my name was displayed in the mail is a partial reassurance that it's valid, there's still the risk that it's a spear phishing email, which is exactly the method the Chinese recently used to break into Gmail accounts.

I haven't even logged into Paypal recently, so how would Paypal have any reason to know whether I'm using an outdated browser? It seems clear this was sent as a mass email to your entire user base, with no factual basis other than "a lot of people have outdated browsers." But that's not what the email claimed. If you'd said, "Many people have outdated browsers. Please check to make sure yours is up to date," that would be one think. But instead, you FALSELY said that all of us have outdated browsers, when you clearly have no basis for making that claim. And you encouraged people to do an action (click on a link in the email to update software) that, if repeated with other emails, puts them at risk of security compromises.

SHAME! SHAME! SHAME!

Kojiro · ‎Jun-08-2011

I think the worst part about the email is the title:

"<name> -- Important! Please update your browser now"

This smacks of those malicious websites that prompt you with something like:

"Warning! Your computer may not be protected! Click here to install Secu-Scam!"

Honestly, I saw the key icon in Gmail that indicates the email was verified as a PayPal email, and I STILL didn't believe this came from PayPal.

No real harm has been done here, obviously. So no apology needed. Was just an odd situation.

Cheers!.

songlismom95 · ‎Jun-09-2011

I got the exact same referenced email yesterday. Even though someone here stated that it is a valid email, I forwarded it to Paypal's spoof email, and within a few hours I heard back:

"Thanks for reporting that suspicious-looking email. The email you

received was not sent by PayPal and it links to a fake website. We
are investigating and working on stopping the fraud.

If you have already given any personal or financial information to this

fake website, you should immediately log in to your PayPal account
and change the password and secret questions. You should also tell your bank

about this problem".

techdragon · ‎Jun-09-2011

I forwarded to spoof@ ... and I got a reply CONFIRMING it WAS from Paypal. So maybe there are two different emails going on.

Thank you for bringing this email to our attention. We can confirm that
PayPal sent this email. We apologize for any confusion this may have
caused.

To keep members informed of our products and services, PayPal
occasionally sends emails to account holders. General Notification
emails and Payment Notification emails are activated by default.
Therefore, a PayPal user will need to set their Preferences to 'not'
receive these emails if they so choose.

Please check your Account Profile to ensure that your email notification
preferences are currently set to your desired specifications. You can
choose whether or not to receive these Notification emails by following
these steps:

1. Log into your account at https://www.paypal.com/ by entering your
email address and password in the Member Log In box
2. Click on "Profile"
3. Select "Notifications" under the Account Information tab
4. Select which Notifications you would like to receive
5. Click Save

Sincerely,

The PayPal Team

(sorry for the duplicate post...)

RIPizzo · ‎Jun-09-2011

I got the same email today. Here I am checking it out. Good thing I didn't click through.

JonG · ‎Jun-09-2011

Not only does this violate in-house policies about how PayPal sends eMail, it is also bad information. Has no one noticed that Chrome pushes its own updates when it wants? There is no way to manually update Chrome.

Since PayPal, in the form of Andy is admitting this is legit (and I agree with the PP's comments about his horrible and unprofessional handling of the inquiries in this thread), then they should also admit that they sent mis-information that the most basic member of their IT department should have been able to say was wrong.

smokeybandit · ‎Jun-09-2011

Is Paypal sending this email out to everyone? Obviously they've sent it to plenty of people who certainly are not using outdated browsers.

Shame on Paypal for sending out an email that is both incorrect, and shows all the classic signs of phishing.

PayPal Community

New scam?

Haven't Found your Answer?