PayPal Community

this is the message I get from Verizon when trying to forward spoof@paypal.com

Your message did not reach some or all of the intended recipients.

Subject: FW: Notification of Limited Account Access

Sent: 12/10/2011 10:19 AM

The following recipient(s) could not be reached:

'spoof@paypal.com' on 12/10/2011 10:19 AM

550 5.7.1 The message you attempted to send was determined to be spam. Please visit http://www.verizon.net/spamfaq for more information.

Hi sraeb86, and welcome to the forums!

Thank you for providing that messaging. That's really interesting stuff! I think I can see what they're trying to do.

What I believe is happening here is that Verizon is pulling out elements from the email that it detects as earmarkings of spam, and it's preventing you from propagating it to others as a sort of safety measure for everyone. The unfortunate side effect here is that it prevents you from forwarding it for review.

It's highly likely that you would get the same result if you were reporting spam that appeared to be from any large company that Verizon looks out for in its filters. I recommend contacting Verizon and letting them know that the fraud filter they're applying is preventing you from reporting spam/phishing/spoof.

Let us know if you find out more!

Olivia

Hi jans96950, and welcome to the forums!

That's a great question. Our systems are constantly learning the ongoing spoof trends. The emails that are forwarded help teach us what new and innovative tricks fraudsters are pulling in the hopes of fooling honest folks. If the system "knows" the email you're sending it is spoof, it will autorespond with a confirmation. If it "knows" that the email is legitimate, it will respond letting you know that.

Keep in mind, sometimes the response that is sent is itself interpreted by your email carrier as spam. Your email carrier's automated processes are also constantly working to keep up with the ever-changing trends, so there's always a small margin of error.

So why forward those emails if absolute confirmation is not completely assured? Because they help our system learn what's going on. The faster we can see the trends, the faster we can do something about them. We can reach out to providers that the fraudsters are using, we can find the accounts that are perpetrating the fraud, and we can educate the public more effectively. Your forwarded spoof emails may help protect many, many other people from fraud.

In the meanwhile, the very best way to protect yourself is to always take any email you receive with a grain of salt. If the email says that action is necessary on your account, open a fresh browser and log in to your account to see if the circumstances match. If the email says you received a payment or sent a payment, your transaction history should match. There shouldn't be a need to click a link if you do things that way (the exception being if you're expecting the email, for instance if you've initiated password recovery or some similar process where you've been told that an email is headed your way.)

You can learn more about spotting fraudulent emails in the following places:

Your Guide to Phishing

OnGuard Online

Fraud email examples thread

I did receive an auto response from Paypal stating that the email i received was phishing. Your last paragraph about cross referencing the transactions is exactly what I did before I even read your response.   Thank you very much.

Excellent! You're on top of things! I always like to see people acting cautiously in such situations.

Olivia