Scary PayPal Scam

This screenshot is of an email I received today. As I have used Paypal in the past [some years ago] and as the so-called transaction info. is addressed to an ‘Andrea’, I did have a moment of total dislocation. Had the scammers hacked my financial information?

And then I thought to look at the sender:

edwards5078jcb@gmail.com

I’m pretty sure that Paypal, the real Paypal, doesn’t use gmail to communicate with customers! Nevertheless, I did get a fright so I thought I’d share this scam so no-one else gets a fright…or god forbid…clicks on one of those nice, official looking links.

Why not? Because those links will not lead to anywhere good. They could lead to a site that downloads a trojan to take over the computer, or they could lead to a bogus Paypal page where they’re asked to enter their ID and password. The ID and password will fail, of course, but the scammers will now know how to access that Paypal account. Lose-lose.

If you even suspect that an email might be a scam, don’t click on any of the links! Danger Will Robinson. Danger!

As to how the scammers found me, that I don’t know. Did they send out millions of emails all addressed to women of different names in the hope that a few would hit the jackpot?

Or is there a database out there that contains my email address and first name but not my last name? That sounds a bit far fetched. I mean if they knew my email address and my first name, why would they not know my last name?

Or…given how often we’re asked to provide our email address, did some algorithm go through the data here, on this blog and profile me?

A quick check revealed that I’ve written twelve posts [counting this one] that are either about Paypal, or mention Paypal. Another check showed that ‘Andrea’ has been mentioned in 16 posts counting this one. One of those posts is actually about the singer Andrea Bocelli, but that’s still a lot of identifiers. Curiously, the one thing you won’t find on my blog is my actual email address. So how did they find me?

I may never know how these scammers do what they do, but I know one thing for sure, the person who owns the email address used by the scammers has been hacked. After I publish this post I’m going to email him/her and show them the same screenshot that you have seen. After that it’s up to them to work out how the scammers managed to hack their gmail account and use it to farm out scams to other people. Sadly, this person really doesn’t have anything to hide, not any more.

cheers,
Meeks

About acflory

I am the kind of person who always has to know why things are the way they are so my interests range from genetics and biology to politics and what makes people tick. For fun I play online mmorpgs, read, listen to a music, dance when I get the chance and landscape my rather large block. Work is writing. When a story I am working on is going well I'm on cloud nine. On bad days I go out and dig big holes... View all posts by acflory

51 responses to “Scary PayPal Scam

  • robbiesinspiration

    Hi Meeks, I haven’t had this with PayPal but I’ve had it with other banks. I always check the email and I also know that real banks never ask you to provide personal details via return email. They ask you to contact them. The world is such a difficult place to negotiate with so many technological scams happening.

    Liked by 1 person

    • acflory

      You are so right. There are always signs that something isn’t legit. I guess a lot of people either don’t look for them, or they’re so shocked by the thought of either getting money – “You’ve won $$! Click here to collect” or having their money stolen that they click first and regret later. :/

      Like

  • Widdershins

    It always pays to check those pesky email addresses … and good on you for alerting the owner of it. πŸ™‚ … I have a regular spammer who uses the email of someone I know for a fact to be dead. May they continue to be minimally stupid.

    Liked by 1 person

  • Alicia Butcher Ehrhardt

    As per a comment here from someone whose comments weren’t getting posted (and I can’t find it any more), I went and checked my WordPress Comments for both sites. I see I have the default two weeks and they’re gone setting. NOT ONE was legitimate out of many dozens.

    Akismet handles my spam – I send them a small donation every year.

    The junk is sickening.

    I have the setting that someone’s first comment has to be approved; it works fine for me. Haven’t had to ban someone – I’ve been blogging since 2012.

    Liked by 3 people

    • acflory

      I don’t have the approval setting on but I know Akismet or whatever is blocking out and out spam. A few still sneak through every now and then, but honestly very, very few.
      The thing I can’t work out is why I get so many ‘commercial’ likes for some of my posts. Maybe they think others will check/them/ out? No idea.

      Liked by 1 person

  • jilldennison

    I have received very similar emails purportedly from PayPal or Amazon, advising me of some large purchase. It IS disconcerting, but I’ve learned to check my bank balance and so far, nothing has been amiss. Still, it pays to keep our guard up, for all it takes is one time to wreak havoc. A word of advice … always completely close your browser for a few minutes after logging into your bank or any other source where you are required to enter sensitive financial information. You can never be too cautious. Hugs

    Liked by 2 people

    • acflory

      Great tip, Jill. I use a different browser for internet banking or buying stuff on amazon so I always close it before swapping browsers for ‘normal’ browsing. And you’re right, you can’t be too cautious. Not these day. -hugs back-

      Liked by 2 people

      • jilldennison

        I do the same! About 10 years ago, our bank account was hacked and ever since them, I take caution to the nth degree! I even have my bank send a code to my cell phone every time I (or anybody else) log on. It’s a sad statement of our society that some folks would rather put their energies and talent toward getting money illicitly than earning it. Some hackers are super-intelligent, but they channel their energies in the wrong direction instead of creating something of value.

        Liked by 3 people

        • acflory

          High Five, my friend! The same thing happened to us, although it wasn’t via our internet. The local supermarket EFTPOS machines were hacked somehow and half of Warrandyte had account details stolen. Nevertheless, it made me super cautious as well, and we have ‘tokens’ for our banks. The tokens generate a random number that becomes the 3rd level of identification before we get to internet banking. I honestly don’t know how people can do banking on their /phones/. I think that’s a disaster waiting to happen.

          Liked by 2 people

          • jilldennison

            Ours wasn’t via the internet, either. Interestingly, our bank had merged with another and it was actually bank staff who had been accomplices in the theft of not just our account, but almost all of them! The bank made it right, but it was still stressful and a HUGE hassle! Like you, I would never even consider accessing my financial info via my cell phone! People get careless, and that’s what the hackers are counting on, just waiting and watching. It’s a sad statement of our society today.

            Liked by 2 people

          • acflory

            My god…that’s terrible. To have the actual staff doing the dirty on customers… 😦
            And yes, even if the actual phones are ‘safe’, people aren’t.

            Liked by 2 people

  • D. Wallace Peach

    I’ve become accustomed to checking the email address on anything that looks slightly suspicious. Most of the time it’s a scam. Thanks for sharing this latest because I do use the service. You probably saved someone from a terrible experience. πŸ™‚

    Liked by 3 people

  • Matthew Wright

    Ouch! It’s incredible how good scammers are getting these days. I must admit, I tend to treat everything as a scam. A year or two back this resulted in my website URL being de-registered because I’d deliberately ignored the unsolicited domain verification requests I’d been receiving. But better that than sending my credentials to a scammer. The sadness about all of this, of course, is that the internet has so much to offer in terms of transforming ways of life and the way people interact; yet it’s taken almost no time at all for much of it to be subverted by those with criminal intent. It’s not a good advertisement for human nature.

    Liked by 2 people

    • Yorgos KC

      I’d consider treating everything as scam is a good policy. If there isn’t an attachment you can safely open the email and then examine the code. At least that’s what I do, when in doubt, like mails that come from “my bank”, or something like that.

      And yes, certainly a misuse of an excellent means. After all, internet is not for scam, but for porn πŸ˜‡

      Liked by 2 people

    • acflory

      Ouch indeed. 😦 I have a domain name and always ignore those requests because I don’t actually have a website attached to that domain name. Always assumed they were a scam too. :/
      Human nature is…a mess. Little wonder that we invented gods and demons.

      Liked by 1 person

  • Jacqui Murray

    The odd email–I always check for that. And poor grammar and spelling. Glad you posted about this, Meeka.

    Liked by 2 people

    • acflory

      Yes, the grammar and spelling are also a dead giveaway. That said, I’ve noticed that they seem to be getting better at both. Definitely becoming more sophisticated in comparison to a scam I received a few years ago. The cockroaches are mutating. :/

      Liked by 3 people

  • ChrisJamesAuthor

    Thanks for the warning. Yup, we have to be right on the ball with these things.

    Liked by 2 people

  • Words on Paper

    Thanks for the heads up, Meeks…

    Liked by 1 person

  • davidprosser

    HELLFIRE, THAT WOULD PUT M OFF MY PORRIDGE. I’m glad you’re on the ball.
    Hugs

    Liked by 3 people

  • Cathy Cade

    Some of the email addresses these scams come from are so weird they probably aren’t genuine anyway, but I’ve even had emails from my own email address in the past. You’re right, the email adress is the first clue.
    There is a useful website at haveibeenpwned dot com which will alert you to data breaches involving any email address you register with them, although these take a little time to be discovered. (I’ve noticed Google is doing this too now and warns me to change the compromised passwords.)
    The safe thing is NEVER to click on any link from an email, even if you’re expecting it, and to go into the website via your usual browser method of loggin in. It’s slower, but safer.

    Liked by 4 people

    • acflory

      ‘It’s slower, but safer.’ Couldn’t agree more, Cathy! I get so mad at utilities companies that send legitimate emails to their customers, not realising that scammers can hijack customer’s trust by presenting ‘look-a-like’ logos and web pages. Grrrr….

      Liked by 2 people

    • Yorgos KC

      Firefox also “alerts” you, if there is a possible breach to any account – email or otherwise – you’ve saved your log in info. In quotes because you need to regularly check your saved accounts page. Or at least, I haven’t found another way to do that.

      Liked by 2 people

      • acflory

        Those saved passwords are why I never use Firefox for my money related stuff. I have another browser for that, just because I’m not 100% that Firefox doesn’t save my logins even when I tell it not to.

        Liked by 1 person

        • Yorgos KC

          Yeap! Never save these passwords and, even never-er on those kind of browser accounts that help all your devises have access to them.

          Liked by 1 person

          • acflory

            -shudder- Yeah, I don’t have my phone linked to anything, partly for safety but mostly because data is much too expensive on my phone. I use is as a phone and very little else. Gods…I sound like someone from the Middle Ages or something.

            Liked by 1 person

          • Yorgos KC

            🀣🀣
            Nah! Phones’ main use should have been, as the name suggests, this of a phone.

            Liked by 1 person

          • acflory

            True, but the enormous changes in the tech, and the revolution in social media, have turned phones into surrogate pc’s, especially for those who don’t have pc’s or don’t know how to use them. And that trend will just continue. I know I should embrace the tech, but there’s so much wrong with it, I just can’t. 😦

            Liked by 1 person

          • Yorgos KC

            For starters there is so little “p” in these “pc’s” πŸ˜† And the fact real sites are becoming app-alike, because so many using the app, is a near second.
            Having a decent camera with you, while you don’t actually carry your camera, having a note-pad to write down ideas, when they come to you and you are out, being able to do some job on the move (when I was actually moving around) are some of the conveniences they provide I really like about them.
            Technology, per se, is not a bad thing, but seeing “Skynet” becoming more and more real, that’s not a pleasant thought πŸ˜…

            Like

          • acflory

            Ah yes, I forgot about the camera. To give smartphones their due, I also love the camera. I used to have a small digital camera and hardly ever used it. The camera on my phone gets used all the time. And yes #2 I sometimes write shopping lists on my phone. Ahem. My problem with the phones is that a) the screens can’t help being tiny and my eyes are /old/, and…the addiction. Back when I used to go out, I’d see groups of people standing together but all of them on their phones. They’re checking to see if their latest comment on FB or Twitter or Tumblr or wherever has gained any more likes or comments. It’s such an ego thing. On the pc, I check comments on my blog and sometimes on Youtube, but only once or twice a day. The rest of the time I’m working, writing, doing graphics or just living life.
            -sigh-
            I guess all that isn’t the fault of the phone, it’s the fault of the sick social media platforms created by true megalomaniacs. :/

            Liked by 1 person

          • Yorgos KC

            Yeap, the addiction is sad. Even in cafes you see people sitting at the same table and have none to little eye contact and conversation with each other. πŸ˜…

            A funny (or not so much) incident I witnessed while returning from shopping not long ago and takes this thing to another level:

            Girl walks down the street, phone in hand, looking down towards the screen while walking.
            “Hello, father,” she says and kisses towards the screen.

            She is having a video call with her father, I assumed. Wrongly.

            The guy parking his motorcycle at the other side of the street replied. He was her father. Don’t even know how she managed to spot him.

            Liked by 1 person

          • acflory

            Good grief. That is…disturbing. I wonder if the pandemic has accelerated this physical ‘disconnect’?

            Liked by 1 person

          • Yorgos KC

            Probably. We’ve been locked inside for too long. Even those who didn’t take it too seriously. And the only social life and connection with the outside has been these social media. The addiction was already there, so making it stronger was an easy thing. 😌

            Liked by 1 person

          • acflory

            Yeah, that’s true. I realised just the other day that bit by bit, most of my social connections have become digital. What shocked me was that I’d even stopped phoning RL friends. Not that I used the phone much before the pandemic, but now I hardly use it at all.

            Liked by 1 person

  • CarolCooks2

    I do the same as Alicia…Jeez, I hope they fry too…

    Liked by 4 people

    • acflory

      -giggles- Me too! We are ferocious ladies aren’t we?

      Liked by 2 people

      • Yorgos KC

        I think during the pandemic/lockdowns those scams became much more common (almost an everyday phenomenon) and much more clever. As you said, they are learning grammar and spelling in a worrisome speed. I have found out that I have accounts in several banks around the world, that all, for some reason, need me to log in, by following the provided link 😏

        Also received several mails from “FedEx” “UPS” and other such services for parcels that were hold in customs (in quite a few different states of the USA, I didn’t know I have a home there) which I needed to pay for before they could proceed with the delivery. Most were addressed to “Dear/Esteemed/etc customer” but some used names. So, probably, the name is a coincidence.

        Wise choice to check the email address. Most of the times is a good giveaway, but some times, it’s not enough. Copying it to Word (or whatever you use) and change the font sometimes reveals there is an a lower case “L” where you’ve been reading a capital “i” and things like this that make the email seem legit enough, at first glance. (And yes, I wrote them this way, because here, “l” and “I” look the same πŸ€·β€β™‚οΈ)

        Liked by 1 person

        • acflory

          -giggles- some of this made me laugh. Don’t you wish we did own homes in all those other places? And thanks for the tip about the upper and lower case. There have been times when I’ve scratched my head about an email address, especially as some big companies do odd things with their addresses. for example, KDP is /kdp.amazon.com. First time I saw that I didn’t know if it was legit or not.
          Staying safe shouldn’t be this hard!

          Liked by 1 person

  • Alicia Butcher Ehrhardt

    I always hover my cursor over the email address to see where it REALLY comes from. And always go to my browser and type in the correct address for a login myself – no clicking links.

    May they fry.

    Liked by 4 people

Don't be shy!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: