An
Email with the Subject "Update your PayPal Account" was
received in one of Scamdex's honeypot email accounts on Sun, 24 Apr 2011 13:27:34 -0700
and has been classified as a Generic Scam Email.
The sender shows as PayPal <service@paypal.com>.
The email address was probably spoofed. Do not reply to or contact any persons or organizations referenced in
this email, or follow any URLs as you may expose yourself to scammers and, at the very least, you will be
added to their email address lists for spam purposes.
Scam TagCloud
paypalpaypal.comlog inlogincreditpasswordcheckwinsafeaccountminderserviceinternetaccessmailreference will security(internet explorer or net...(http://paypal.com/)http://paypal.com/)fs
NO CHART DATA - EMAIL HAS NOT YET BEEN ANALYSED
Scam Email Headers
This a (redacted) view of the raw email headers of this scam email.
Personally Identifiable Information (PII) has been suppressed, but can be
supplied as received to appropriate investigating or law enforcement agencies on request.
EEEEEstdClass Object
(
[return-path:] =>
[envelope-to:] => mail@scamdex.com
[delivery-date:] => Sun, 24 Apr 2011 13:27:34 -0700
[received:] => Array
(
[0] => from lx3.zetosa.com.pl ([80.85.224.77] helo=lx3.zetosa.pl)by chester.loopbiz.com with esmtps (TLSv1:AES256-SHA:256)(Exim 4.69)(envelope-from )id 1QE5u1-0007mo-4Lfor mail@scamdex.com; Sun, 24 Apr 2011 13:27:34 -0700
[1] => from lx3.zetosa.pl (localhost [127.0.0.1])by lx3.zetosa.pl (8.14.3/8.14.3) with ESMTP id p3OKRW7V018539for ; Sun, 24 Apr 2011 22:27:32 +0200
[2] => (from apache@localhost)by lx3.zetosa.pl (8.14.3/8.14.3/Submit) id p3OKRW5s018538;Sun, 24 Apr 2011 22:27:32 +0200
)
[date:] => Sun, 24 Apr 2011 22:27:32 +0200
[message-id:] => <201104242027.p3OKRW5s018538@lx3.zetosa.pl>
[to:] => mail@scamdex.com
[subject:] => Update your PayPal Account
[from:] => PayPal
[reply-to:] => service@paypal.com
[mime-version:] => 1.0
[content-type:] => text/html
[content-transfer-encoding:] => quoted-printable
[x-mime-autoconverted:] => from 8bit to quoted-printable by lx3.zetosa.pl id p3OKRW7V018539
[x-spam-status:] => No, score=2.8
[x-spam-score:] => 28
[x-spam-bar:] => ++
[x-ham-report:] => Spam detection software, running on the system "chester.loopbiz.com", hasidentified this incoming email as possible spam. The original messagehas been attached to this so you can view it (if it isn't spam) or labelsimilar future email. If you have any questions, seethe administrator of that system for details.Content preview: information about your account : Security Center Warning!Your PayPal account was limited ! As part of our security measures, we regularlycheck the work of the screen PayPal. We have requested information from youfor the following reason: [...] Content analysis details: (2.8 points, 4.0 required)pts rule name description---- ---------------------- --------------------------------------------------1.6 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT[80.85.224.77 listed in bb.barracudacentral.org]0.0 HTML_MESSAGE BODY: HTML included in message1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
[x-spam-flag:] => NO
)
Domain Names used for collecting scam email ("Honeypot email accounts") have been obscured and replaced with the token 'HUN1P0T'
Community Action - SPAM/non-Scam Report
Occasionally, incorrectly categorized emails get into the Scamdex Scam Email Database and need to be removed. If this
email has Personally Identifiable Information (PII), or is, in your opinion, from a bona-fide entity, let us know.
Scamdex will, as soon as is practicable, take-down any emails that in our opinion should not
be in our database. Note that ALL emails in the Scamdex Scam Email Database were received as Unsolicited Commercial Email, aka UCE or
SPAM, via unpublished 'Honeypot' email addresses.
As part of our security measures, we regularly check the work of the
screen PayPal. We have requested information from you for the following
reason:
Our system has detected unusual charges to a credit card linked to your
PayPal account.
Reference Number: PP-259-187-991
This is the last reminder to log into PayPal, as soon as possible. Once
you connect. PayPal will provide measures to restore access to your
account.
Once connected, follow the steps to activate your account. We
appreciate your understanding as we work to ensure security.
We appreciate your attention to this issue. Please
understand that this is a security measure designed to protect you and
your account. We apologize for any inconvenience ..
Any
safe access to the site or your PayPal account, open a browser
window (Internet Explorer or Netscape) and type in the login page
PayPal (http://paypal.com/) to make sure you're on the genuine PayPal
Web.
For
more information on the protection against fraud, please consult
our safety tips
Protect your
password
You
should never give your PayPal
password to anyone.
