Reply to topic
Sargonarhes
Sargonarhes Member
Member
Posts: 3
Kudos: 4

Monthly Account statement email

Just checking, is Paypal now sending out a email telling you your monthly account statement is ready, or is this a phishing email I just recieved?

 

Because something about this email smells funny.

ncdave4life
ncdave4life Member
Member
Posts: 2
Kudos: 4

Re: Monthly Account statement email

I have the same question, and the same suspicions.

 

The email I got says:

 

YOUR MAY ACCOUNT STATEMENT FROM PayPal IS READY
LOG IN TO VIEW NOW
https://email0.paypal.com/servlet/cc6?iitgHQYRCAQ
...very-very-long-gibberish...YVXLX

 

All the URLs in the email start out "https://email0.paypal.com/..." yet it still seems strange.  The URL's are incredibly long, for no obvious reason.  What's more, the headers show that the email did NOT come from a paypal or eBay mailserver:

 

Received: from om-paypal-na.rsys4.com (om-paypal-na.rsys4.com [12.130.139.53])

        by mx.google.com

 

rsys4.com?  What's that?  It doesn't seem to be a real domain.

Looking up the IP...

 

AT&T Services, Inc. ATT (NET-12-0-0-0-1) 12.0.0.0 - 12.255.255.255

Responsys ATTENS-010369-005188 (NET-12-130-139-0-1) 12.130.139.0 - 12.130.139.255

CERFnet ATTENS-SJC1-2 (NET-12-130-128-0-1) 12.130.128.0 - 12.130.191.255

 

That's not Paypal!

 

What's going on??

xenu
xenu New Community Member
New Community Member
Posts: 1
Kudos: 1

Re: Monthly Account statement email

I received the exact same e-mail with the same headers. I didn't click on any of the links and just went to Paypal's website directly in my web browser. I did forward a copy with the headers to spoof@paypal.com so they could check it out.
Sargonarhes
Sargonarhes Member
Member
Posts: 3
Kudos: 4

Re: Monthly Account statement email

[ Edited ]

I figured I wasn't the only one to get the message, and you're right the whole message doesn't seem right. Thanks.

Ms67GTO
Ms67GTO Member
Member
Posts: 1
Kudos: 1

Re: Monthly Account statement email

DO NOT OPEN THIS EMAIL.  I received the same monthly account statement on 06.16.11.  I always preview the settings before I open anything from PayPal.  I saw no problems and everything was legit.  However, when I actually opened the email, it had me log in.  It accepted my email address, but kept saying my "password" was not recognized.  Tried several times, went to the ask/problems area, but literally locked my computer up and would not let me type.  I have been trying ALL DAY TODAY 06.17.11 to reach PayPal.  My computer is just haywire, my security/virus system never stops running.  I cannot clear it.  I cannot access any viable means to reach PayPal.  Even the "live chat" is set to just repeat the same statements.  Was given a phone number to contact - I called and kept repeating my sign-in finally saying that this service is discontinued.  THIS IS A VIRUS!  My computer is going nuts!:smileymad:

ncdave4life
ncdave4life Member
Member
Posts: 2
Kudos: 4

Re: Monthly Account statement email

How'd this thing get marked "solved?"  It's certainly NOT solved!

 

Note that all those web addresses in the email started out "https://email0.paypal.com/servlet/..." -- i.e., they're using a real paypal.com address.  That seems to mean that Paypal's "servlet" implements a mechanism for redirecting through a paypal address to an arbitrary (bogus!) external web site!  If so, that is a HUGE security flaw!!!  

 

Paypal/eBay, please address this problem!!!

 

Sargonarhes
Sargonarhes Member
Member
Posts: 3
Kudos: 4

Re: Monthly Account statement email

I marked it solved as reporting it to Paypal seems to be the best option for right now. Treat it just like the Playstation Network hacking and change your password, and keep a close watch of your bank statements.

0 Kudos
mas064
mas064 Member
Member
Posts: 3
Kudos: 1

Re: Monthly Account statement email

From what I've seen lately, reporting this to Paypal accomplishes little or nothing!    SOMEBODY PLEASE GET THE "SOLVED" TAG OFF THIS BEFORE WE'RE ALL LEFT HOLDING AN EMPTY BAG!!!!!