> I just received an official looking email
> from PayPal that asked for account
> verification. Called Paypal and it is a scam
> to get your account information. It is a
> very good forge of PayPal's email and
> website. Be on guard and never give out your
> account information.

Yeah, the same thing happens with eBay accounts. I've seen several of both. Here are a few tips:

1. Check spelling. Every forgery I've seen so far (and I've received perhaps a dozen or so, not counting the obvious scams that don't even attempt a forgery) has contained egregious spelling and grammatical errors.

2. Look at the full message header. In Outlook, you can do this by right-clicking on the message, then clicking "Properties," then going to the "Details" tab. See if the information under "received" matches the "return path," and if they make sense. (This is how the scammer makes it look like your reply-to is going to a PayPal or eBay address, when it is, in fact, being directed to a different address entirely.) In MailWasher, which is the spam filter I use, you can look at the full message headers without even having to open the email in Outlook, a nice feature.

3. Don't click on any links in the email, even if you know it to be authentic. Instead, if you have any account service stuff that needs to be done, go to the website itself, using the old-fashioned type-the-URL-into-the-browser-window method. Check to make sure the little security lock symbol is locked (although that, too, can be faked, but if you've gotten to the website the old-fashioned way, your browser is less-likely to have been hijacked.) Then, do whatever it is that needs doing.


Tightwad Marketing: free advertising and marketing advice and resource reviews for small business