Receipt for your PayPal payment to WHO?

We fondly remember the days when PayPal Phishing frauds were easily spotted by their subject line alone. The urgent warnings about your compromised account made identity theft emails almost trivial to identify.

But, as with all things technology, the lame Phishing attempts too have evolved, and they’re snaring even users with moderate technology skills. The latest evolution of the PayPal identity theft fraud relies on the user’s reaction to what appears to be a standard account notice. The subject line is a receipt for payment, but to a seller with which you have not conducted a valid transaction, such as:

Subject:     Receipt for your PayPal payment to Soo Duk Lee

The email itself contains standard language like:

You sent a payment of $149.49 USD to Soo Duk Lee (

Thanks for using PayPal. To see all the transaction details, log in to your PayPal account.


It may take a few moments for this transaction to appear in your account.

Here’s a complete copy of such a fraud:

Receipt for your PayPal payment

Receipt for your PayPal payment

Exercising good judgement on the part of the spammer, the purported sale will be for something common, and will include an item number, for example:

U.S. Polo Assn. Men’s US0019 Black Rubber Strap Analog Digital Watch
Item# 314040180261

Perhaps most important to the social engineering aspect of this fraud, the amount of the sale is large enough to generate a sense of urgency, yet it is not so too large as to appear obviously bogus.

Naturally, the email includes this powerful standard language:

Issues with this transaction?

You have 45 days from the date of the transaction to open a dispute in the Resolution Center.

And that’s the hook.

Whether you fear that your Ebay and Paypal accounts have been hacked, or that the sale is a simple mistake that should be easily corrected, following any of the links in this email will lead you to a Phishing attack site.

While such attack sites may appear to be a legitimate PayPal login page, any username/password combination that you provide will be saved and forwarded to the hackers responsible for this campaign.

As usual, if you receive such a message and are not sure as to it’s validity, the best course of action is to log into your Ebay or PayPal account directly (not through links provided in the email).  If there is a transaction that you need to review, it will be displayed in your account once you login. If no such matching transaction is displayed, then the email you received was most certainly a fraud.



- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Tags: , , , , ,

Comments are closed.