Internet marketing resources, ecommerce web site design tutorials and  just for fun - free cell phone ringtones!
  Taming the Beast - quality web marketing and ecommerce development services

Paypal scam detection tip

Posted by Michael Bloch in ecommerce (Sunday March 2, 2008 )

Paypal is an important payment processing partner for many online businesses – so when PayPal sends an email about your account, it’s important to take note. Unfortunately, scammers also know this.

I estimate that over 95% of all emails I receive from “PayPal” that make it past my spam filters aren’t from the company at all – just bottom feeding scammers trying to grab my login details. Most of these notes are quite amateurish, but some are so well done, it’s understandable that some people get caught out.

The good news is you don’t even have to open these emails to determine if they are legit or not if you’re using a desktop email application such as Outlook or Thunderbird – all you need to do is look at the header.

An email header is behind the scenes info that contains information showing the point of origin of an email. To view the header info:

Outlook:
Highlight the message, select “View” on the menu bar and click “Options”.

Outlook Express:
Highlight a message, select “Properties” from the File menu. Then click the “Details” tab, followed by “Message source”.

Thunderbird:
Highlight the email and on the menu bar click View, select Headers and choose “All”.

What you’re looking for is a line very close to the top that starts with “Received from”. Here’s some examples:

Received: from dd11308.idiotscammer.com (dd11308.idiotscammer.com [xx.xx.xxx.xxx])

.. this is not a legitimate PayPal email

Received: from paypal.idiotscammer.com (paypal.idiotscammer.com [xx.xx.xxx.xxx])

… neither is this

Received: from phx01imail01.phx.paypal.com (mx1.phx.paypal.com [66.211.168.231])

… this is legitimate

The key here is the domain mentioned *immediately prior* to the .com. If that domain isn’t Paypal, then the communication is fake.

Even if the email does appear legitimate, a further safety precaution is to never log into PayPal via a link in an email. Go directly to the paypal.com site and log in from PayPal’s home page.

Related

Anti-spam filter services
Ecommerce – fraud screening strategies
Merchant accounts and payment processing



 

 
1 comment for Paypal scam detection tip
  1. Timely! I just started buying machinery for my offline automotive machinery business, (mastaquip.com.au)on ebay. I have received a false payment request notice when using ebay some time back, and got a bit scared off.I did not know about paypal scam, so I guess this time I am in front, as I now know what to look for. Thanks Michael, you do seem to cover a wide piece of turf.

    Comment by Ern — March 2, 2008 @ 7:48 pm

Sorry, the comment form is closed at this time.