Discussion:
Dear Paypal
(too old to reply)
Redrawn Buns
2013-02-13 13:26:19 UTC
Permalink
I love the way you've re-branded your "monthly activity reminder" to be
a "monthly statement". Using only plain text and the paypal.com domain
would be too boring I suppose?

I'm sure you think you're distinguishing it from the phishers' handiwork
by linking to sites such as
https://www.paypal-marketing.co.uk
https://www.paypal-shopping.co.uk
everyone knows the scammers could never posibly register such domains,
could they? And they'd never dream of using certificates issued to a
Singapore company.

Loading all your images, stylesheets and javascripts from domains like
paypal-communication.com
paypalobjects.com
paypal-deutschland.de
paypal-business.com
is such a nice touch.

Sending it through mail servers named "bm1-08.bo3.e-dialog.com" would
even reassure my old granny.

I particularly like this month's latest touch of including a pictogram
of an envelope in the subject field "=?UTF-8?B?4" I bet it'll take hours
for the scammers to copy that.

Regards
Andy.
Znep
2013-02-13 14:28:07 UTC
Permalink
In uk.rec.sheds, (Redrawn Buns) wrote in
Post by Redrawn Buns
I particularly like this month's latest touch of including a pictogram
of an envelope in the subject field "=?UTF-8?B?4" I bet it'll take hours
for the scammers to copy that.
The easiest way to spot Paypal fakes is that they almost never address
you by name. And in my case, at the right email address. I have two
Paypal accounts (personal and business) and both use email addresses I
use for nothing else.

Paypal could make this better, though, if they could be arsed: it would
be straightforward for them to generate a one-off ID that you could use
to send or receive payment, but would (internally) be forwarded to your
real email address, so even people you've done business with could not
capture your address.
--
Marc

Atheism and Religion are but two sides of the same coin.

One prefers to use its head, while the other relies on tales.
Redrawn Buns
2013-02-13 14:41:23 UTC
Permalink
Post by Znep
The easiest way to spot Paypal fakes is that they almost never address
you by name.
Except every TD&H you've ordered penc from has access to your name for
deliveries, and *none* of their systems could ever be hacked, or have
been set up purely to capture details by appearing to fryy stuff ...

Bayesian filtering manges a reasonable wbo, I try to keep an eye on it
so that any important messages from PP don't end up in /dev/nul, my jbex
C/C got some spurious transactions once, they were easily revoked.
Znep
2013-02-13 16:22:36 UTC
Permalink
In uk.rec.sheds, (Redrawn Buns) wrote in
Post by Redrawn Buns
Post by Znep
The easiest way to spot Paypal fakes is that they almost never address
you by name.
Except every TD&H you've ordered penc from has access to your name for
deliveries, and *none* of their systems could ever be hacked, or have
been set up purely to capture details by appearing to fryy stuff ...
Bayesian filtering manges a reasonable wbo, I try to keep an eye on it
so that any important messages from PP don't end up in /dev/nul, my jbex
C/C got some spurious transactions once, they were easily revoked.
Well, yes, all that's true- having said that, in 7 or 8 years of using
Paypal, I've yet to get a dodgy one addressed to my real Paypal email.

But I still check the headers, just in case.
--
Marc

"There is no cause so right that one cannot find a fool following it." - Niven
Ahem A Rivet's Shot
2013-02-13 16:05:02 UTC
Permalink
On Wed, 13 Feb 2013 14:41:23 +0000
Post by Redrawn Buns
Post by Znep
The easiest way to spot Paypal fakes is that they almost never address
you by name.
Except every TD&H you've ordered penc from has access to your name for
deliveries, and *none* of their systems could ever be hacked, or have
been set up purely to capture details by appearing to fryy stuff ...
All of this is true, but I've yet to see a fake Paypal email with a
correct name, or indeed any name. That being said I delete most of the real
ones with only a cursory glance too.
--
Steve O'Hara-Smith | Directable Mirror Arrays
C:>WIN | A better way to focus the sun
The computer obeys and wins. | licences available see
You lose and Bill collects. | http://www.sohara.org/
canaldrifter
2013-02-13 17:22:47 UTC
Permalink
In article <***@eircom.net>,
Ahem A Rivet's Shot <***@eircom.net> wrote:

I delete most of the real
ones with only a CURSORY glance too.
Oh yeah! I get the point!

Tone

Brian Gaff
2013-02-13 15:38:52 UTC
Permalink
Be all wasted on me though.

Brian
--
From the Bed of Brian Gaff.
The email is valid as ***@blueyonder.co.uk
Blind user.
I love the way you've re-branded your "monthly activity reminder" to be a
"monthly statement". Using only plain text and the paypal.com domain would
be too boring I suppose?
I'm sure you think you're distinguishing it from the phishers' handiwork
by linking to sites such as
https://www.paypal-marketing.co.uk
https://www.paypal-shopping.co.uk
everyone knows the scammers could never posibly register such domains,
could they? And they'd never dream of using certificates issued to a
Singapore company.
Loading all your images, stylesheets and javascripts from domains like
paypal-communication.com
paypalobjects.com
paypal-deutschland.de
paypal-business.com
is such a nice touch.
Sending it through mail servers named "bm1-08.bo3.e-dialog.com" would even
reassure my old granny.
I particularly like this month's latest touch of including a pictogram of
an envelope in the subject field "=?UTF-8?B?4" I bet it'll take hours for
the scammers to copy that.
Regards
Andy.
Continue reading on narkive:
Loading...