PayPal Phishing Scam - Access from a Foreign IP address
Authentication-Results: mta160.mail.ukl.yahoo.com from=paypall.com; domainkeys=neutral (no sig)
Received: from 184.108.40.206 (EHLO tmserver.tmsgm.com) (220.127.116.11)
by mta160.mail.ukl.yahoo.com with SMTP; Fri, 11 Jul 2008 23:10:44 +0000
Received: from User ([18.104.22.168]) by tmserver.tmsgm.com with Microsoft SMTPSVC(6.0.3790.1830);
Sat, 12 Jul 2008 07:04:29 +0800
Subject: Notification of Limited Account Access.
Date: Fri, 11 Jul 2008 16:16:13 -0700
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-OriginalArrivalTime: 11 Jul 2008 23:04:29.0343 (UTC) FILETIME=[78F692F0:01C8E3AA]
Dear PayPal valued account holder,
Copyright © 1999 - 2008 PayPal. All rights reserved.
You will notice that the same template was used in the Chase phishing example, the only difference is the Chase logo and the references to JPMorgan Chase & Co., the anchor text of the phishing link and the alleged IP address and ISP host.
But you want your victims to log into the account and "fill in the required informations"?
A phishing scammer telling the truth, so there is hope after all. A reply to firstname.lastname@example.org (pay attention the double 'l') is obviously not the same as a reply to email@example.com. The sender's e-mail address can easily be spoofed, so even an e-mail that appears to be from firstname.lastname@example.org, is absolutely no guarantee that it really came from PayPal.com. PayPal will anyway never send e-mails like this.
Related Cyber Criminal Profiles:No related profiles found.
Similar Spam Examples:PayPal Phishing Scam - PayPal Alert: Security Checkpoint
Paypal Phishing Scam - Take Action
PayPal Phishing Scam - Notification of Limited Account Access
PayPal Phishing Scam - Resolution Center - Account Issues
Paypal Phishing Scam - Attention! Your PayPal Account Could Be Suspended!