Paypal Flag

WARNING: PayPal and other mentioned compagnies have nothing to do with this scam. They just happen to be mentioned in the email I received.

What's written on red below (like this one paragraph) is what I added to the message.

The following is an email I received. Very nice, in HTML... Problems with it? Well, for one: I'm not a PayPal customer! But let's pretend for a second. Why are they flagging my account? For security reasons...

Ha! And if I do not verify my info, they will terminate my account. Funny, I'd bet if I had read their terms and conditions there would be NOTHING about such "flagged accounts will be terminated" (and notice that they don't give a date, when is that gonna happen?!)

The rest is true normal non-scam email from Paypal. Look real, n'est-ce pas? I like the smiling couple (well look at the woman's arm?!). Isn't it nice? A smiling couple who tell you hey! we're going to terminate you!

The small print at the bottom says: Do not replay to this email... What's that replaying an email? If I play poker, I can bet with this email once?! Also, the privacy policy url is present, but no link... cannot click on it. Shouldn't we want to read that first?!

From PayPalSecurity@www.PayPal.com Sat Mar 11 02:19:24 2006 X-Apparently-To: alexis_wilke@yahoo.com via 206.190.39.159; Sat, 11 Mar 2006 02:30:49 -0800 X-Originating-IP: [66.35.250.206] Return-Path: <paypalsecurity@www.paypal.com> Authentication-Results: mta121.mail.mud.yahoo.com from=www.PayPal.com; domainkeys=neutral (no sig) Received: from 66.35.250.206 (EHLO mail.sourceforge.net) (66.35.250.206) by mta121.mail.mud.yahoo.com with SMTP; Sat, 11 Mar 2006 02:30:49 -0800 Received: from [222.234.222.27] (helo=crossmobile.net) by mail.sourceforge.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.44) id 1FI1My-0003sL-Tz for alexis_wilke@users.sourceforge.net; Sat, 11 Mar 2006 02:30:46 -0800 Received: from oracle (adsl-69-149-42-50.dsl.rcsntx.swbell.net [69.149.42.50]) (authenticated bits=0) by crossmobile.net (8.12.10/8.12.10) with ESMTP id k2BAM7r8013536; Sat, 11 Mar 2006 19:22:09 +0900 Message-Id: <200603111022.k2BAM7r8013536@crossmobile.net> From: "PayPalSecurity@www.PayPal.com" <PayPalSecurity@www.PayPal.com> Subject: Your account has been flagged! Date: Sat, 11 Mar 2006 04:19:24 -0600 MIME-Version: 1.0 Content-Type: text/html; charset="Windows-1251" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Spam-Score: 4.7 (++++) X-Spam-Report: Spam Filtering performed by sourceforge.net. See http://spamassassin.org/tag/ for more details. Report problems to http://sf.net/tracker/?func=add&group_id=1&atid=200001 0.2 NO_REAL_NAME From: does not include a real name 0.1 NORMAL_HTTP_TO_IP URI: Uses a dotted-decimal IP address in URL 0.0 HTML_MESSAGE BODY: HTML included in message 0.2 HTML_FONT_BIG BODY: HTML tag for a big font size 1.2 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only 3.0 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook Content-Length: 4239 February 2006 PayPal Security Measures. It's easy to track your expenses and stay organized when you use PayPal. All your incoming and outgoing payments are tracked on your Account History page. See sample. Your account has been flagged! PayPal Security Measures. Dear PayPal Member, Your account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your Paypal account and to ensure a safe PayPal experience. We require all flagged accounts to verify their information on file with us. To verify your information at this time, please visit our secure server webform by clicking the hyperlink below: DO NOT CLICK ON THIS LINK! Click here to verify your Information Okay... The story here is that the link was this: http://210.253.120.75/pp/primapagina.htm As you can see: it doesn't say paypal, it could in the path as some people do (i.e. http://210.253.120.75/paypal/primapagina.htm), but it starts with numbers. Note that an IP address can be 4 numbers as here or one large number (whatever these 4 numbers represent in decimal when concantenated in some way all programmers know about...) it doesn't point you to a secure webpage (i.e. the protocol is 'http' instead of 'https' the 's' stands for secure!) If you choose to ignore our request, you leave us no choice but to temporarily suspend your account. Thank you for your patience as we work together to protect your account.  Your PayPal Account in Action Use PayPal to purchase with cash. When you link your bank account to your PayPal account, you can fund your purchases with the money from your bank account. So get Verified—it's just like spending cash. Learn more. Make FREE calls around the world. Reduce your phone bills—with Skype software you can talk to other Skype users all over the world for free. Or make low-cost calls to any landline or cell phone with SkypeOutTM services you purchase with PayPal. Learn more. Pay or get paid back with PayPal. Start off the year with a clean slate. Easily pay your family and friends what you owe them, or request money that they owe you. See how easy it is to send or request money with PayPal.  Special Offers for PayPal Customers       Save 20% on Dell Inspiron Notebooks when you use PayPal. Enter code at checkout: SFW86WKM?16WSL Special Offer— Use PayPal and get free Super Saver Shipping on ship- ments of $49 or more. Save 10% on over 300,000 products. Enter promo code: paysave. Plus Free Shipping, Free Returns, and No Sales Tax.  Helpful Links: ID Theft Resources | Help Center | PayPal Shops | Password Help Please do not replay to this e-mail. To modify your notification preferences, log in to your PayPal account, click the Profile sub-tab, then click the Notifications link under Account Information. Changes may take up to 10 days to be reflected in our mailings. PayPal will not sell or rent any of your personally identifiable information to third parties. For more information about the security of your information, read our Privacy Policy at https://www.paypal.com/privacy. Copyright © 2006 PayPal Inc. All rights reserved. Designated trademarks and brands are the property of their respective owners. PayPal is located at 2211 N. First St., San Jose, CA 95131.