Today I received the following LEGITIMATE notice from Pay Pal. It is unchanged, except I have modified my name (to X Y) and e-mail address (to x@y.z) on the letter.
Date: 20 Mar 2004 02:08:51 -0000
From: PayPal <announcements-account@paypal.com>
Subject: Your PayPal Account May Be a Target for Deceptive Emails
To: "X Y" <x@y.z>
X-Mailer: PayPal Mail Service (2.0.3)
Your PayPal Account May Be a Target for Deceptive Emails
Dear X Y,
As part of PayPal's proactive efforts to protect our customers, we are notifying you of important information that we received suggesting that your PayPal account may be a target for deceptive emails, otherwise known as "spoofing" or "phishing". These emails are designed to appear as if they were sent from a trusted online company that you have done business with, such as PayPal.
PayPal has learned that third parties may have obtained limited transaction information from the PayPal site about one or more of your online purchases after obtaining passwords of several PayPal merchants. The information includes general transaction information such as your first and last name, mailing address, email address, and transaction details. These parties may seek to use this information to target you with a deceptive email appearing to come from PayPal or online merchants with whom you have done business.
It is important to note that your personal or financial information, including your PayPal password, and Social Security, driver's license, credit card, and bank account numbers are not at risk. In order to protect your account, this information is always hidden and encrypted, and cannot be accessed by any merchant or third party.
What You Can Do To Protect Yourself
Never provide personal or financial information in response to an email request: PayPal will not ask you to supply your password, bank account number, or any other financial information in an email.
Look out for suspicious-looking emails: If you find an email that you suspect may be fraudulent, forward it immediately to
spoof@paypal.com and delete it.
Always open a new web browser window (e.g. Internet Explorer or Netscape) to log into PayPal: In the new web browser window, type in the following:
https://www.paypal.com/. We suggest you regularly check your PayPal account for any unusual activity.
Do not download any attachments: PayPal will never send you an email attachment, or ask you to download anything in order to use our service or that of any partners.
As you may already know, spoof (deceptive email) is becoming an increasingly common problem impacting large online companies and their customers. PayPal takes spoof very seriously. Remember that your account can be compromised if you share your PayPal password outside the PayPal site.
If you have any questions, or believe you may have already given out your personal information, please call PayPal Customer Service at 1-866-648-5872 or email us at
customerservice@paypal.com.
Sincerely,
The PayPal Fraud Management Team
This PayPal notification was sent to x@y.z because your account is likely to be impacted by a recent change to our service. PayPal reserves the right to contact members regarding important product or policy announcements. To modify your notification preferences, go to
https://www.paypal.com/PREFS-NOTI/ and log in to your account. PayPal will not sell or rent any of your personally identifiable information to third parties. For more information about the security of your information, read our Privacy Policy at
https://www.paypal.com/privacy/. Replies to this email will not be processed. Copyright© 2004 PayPal, Inc. All rights reserved. Designated trademarks and brands are the property of their respective owners.