Your account has been limited until we hear from you

[Larry Cunningham]

I'm sure most of you are aware of this, but it probably merits warning anyway..

If you receive an email similar to this one, titled "Your account has been limited until we hear from you" (which I received this morning), alarms should go off:

----------------------------------------------------------------------
We need your help
----------------------------------------------------------------------


Dear Shmucko,


We need your help resolving an issue with your account. To give us time to
work together on this, we've temporarily limited what you can do with your
account until the issue is resolved.

We understand it may be frustrating not to have full access to your PayPal
account. We want to work with you to get your account back to normal as
quickly as possible.

What's the problem?

We want to check with you to make sure that no one has logged in to your
account without your permission.

Please take a moment to change your password and create new security
questions. You should also take a look at your account information and
recent transactions. Make sure that your account information (address,
phone number, etc.) hasn't changed and that you recognize all of your
recent transactions.

If you see a payment that you don't recognize, let us know by going to the
Resolution Center.  Click "Dispute a Transaction" to report an unauthorized
transaction.

Case ID Number: PP-001-432-893-604

How you can help

It's usually pretty easy to take care of things like this. Most of the
time, we just need a little more information about your account or latest
transactions.

To help us with this and to find out what you can and can't do with your
account until the issue is resolved, log in to your account and go to the
Resolution Center.

Sincerely,
PayPal
 
----------------------------------------------------------------------
Help Center:
https://www.paypal.com/us/cgi-bin/helpweb?cmd=_help
Security Center:
https://www.paypal.com/us/security

This email was sent by an automated system, so if you reply, nobody will
see it. To get in touch with us, log in to your account and click "Contact
Us" at the bottom of any page.

Copyright © 2011 PayPal, Inc. All rights reserved. PayPal is located at
2211 N. First St., San Jose, CA 95131.
 
PayPal Email ID  PP1589


Clearly, you should NOT RESPOND to the email. It's an example of "phishing",
getting you to reveal private information to access your account.

Here's an informative link: http://www.fraudwatchinternational.com/phishing/individual_alert.php?fa_no=239351&mode=alert

Although mine was in plain text, many have all the official logos and images and look legitimate.

Don't be Mr. Schmucko. Never click on any links in the email, even though they look legit, what is displayed in the link text does not necessarily correspond to the actual link URL. They have your email address; all they need is your current password..

L.

"There's a sucker born every minute." -P. T. Barnum

[john e. holliday]

I get these every so often.   I usually return/reply with a comment,  "That if you knew this much about me, you know the rest".   I won't type what I tell them to do in their spare time. 

[Randy Powell]

Helps to know that PayPal would never, never send this sort of email or request anything in an email.

[Brian Hampton]

I've had a couple of emails from "paypal" over the last few years but strangely I never completed the sign up stuff because I thought they wanted more information than I was willing to share.

[Tim Wescott]

That, invitations to join money-laundering schemes for the relatives of deceased African dictators, and lottery scams.

Although it has been interesting to note, over the last five years or so, the influx of keyboards with working shift keys into Nigeria.

[Brett Buck]

I'm sure most of you are aware of this, but it probably merits warning anyway..

If you receive an email similar to this one, titled "Your account has been limited until we hear from you" (which I received this morning), alarms should go off:

   Thanks for the warning!  I tried responding, but I didn't know your credit card number.

    Brett

[Peter Nevai]

What I did was delete the email and then went to my paypal account. When I logged into paypal I was informed that my account had been selected for a security audit and verification. This process had me change my account login and password. So the email may have been authentic. I did not use any links within the email nor did I reply to the email. After deleting it I went and logged into PayPal directly.

[Bob Reeves]

PayPal and eBay both know your name and it will be in any email they send. Even if it has your name, as has been said don't click on any email link, go to the internet and log on.

[Brett Buck]

PayPal and eBay both know your name and it will be in any email they send. Even if it has your name, as has been said don't click on any email link, go to the internet and log on.

    This particular one was pretty easy to spot, the URL was in the .DE domain. Most of them are at least smart enough to send you to a .COM domain and then redirect you.

    Brett

[Ed Keller]

My son is part owner of a computer service & programing co., & he set up my new computer here at my office. He sugested using a junk mail "collecting" service, which gathers all mail that appears to be junk mail, & then forwards the list to me ocasionally for me to pick out any e-mail that I want forwarded, & delete any others. The interesting part is that the recent lists have contained almost 50% e-mails that contained a virus, or a "threat", that they identified. Included were things like "UPS, info needed, Fed-X, info that a confirmation is needed, etc., "your credit card has been blocked", & on & on. A lot of scams out there, so beware what you open, because it is too late then to avoid tha attack.  Regards, Ed

[Lee Thiel]

I, just this week, received a notice from Pay Pal that my payment had been made to facebook Ireland, for the amount of 125.00.  I called them and they said my account had already been flagged for suspicious activity.  I notified my bank, and it was taken care of there.  Someone must have (did) get my password and used my PP account.  I have it locked down for the time being until I come up with another password.
Lee TGD

[Wynn Robins]

all legit e-mails for PAYPAL start with Dear YOUR REAL NAME IN FULL  e.g. Wynn Robins

at the moment - the phishers cant do this - so that is one thing to watch for......mind you, I was the 1,000,000 visitor to a website the other day and won $50,000 - I set them my Credit card details and now just waiting for the money 

[Douglas Ames]

I'm waiting for my $Millions$ from Nigeria!! The Western Union guy said it would be anyday now...

[PerttiMe]

I get these every so often.   I usually return/reply with a comment,  "That if you knew this much about me, you know the rest".   I won't type what I tell them to do in their spare time. 

And then they can be sure that you exist.

A while ago I got one that said I'd been swindled by Nigerians and now they'd like to return at least some of my money

[Jack Pitcher]

I also got one of those paypal phish a few days back. It was stinking badly so I deleted it promptly.

Then two days later I got an email from Discover Card for a fraud alert. It looked like a legitimate message from Discover but I was suspicious. My paypal account is not linked to my Discover Card but I was still a bit concerned. I called them using the customer service number printed on my last statement to be sure I was talking to the real Discover. Sure enough someone had run up over three grand in charges on my account. Don't know how the account number was compromised. This has nothing whatever to do with paypal so far as I can tell. Discover took care of it promptly, reversed the charges and closed the account. I'll have to start over with a new account but I'm breathing easier now.

Jack

[Randy Powell]

Hey, the internet is the Wild West these days. Be careful out there.

[Larry Cunningham]

..more like an open sewer, with $3 bills floating in it!

Well interesting, it turns out that my message was apparently legitimate after all - a cautious visit to
PayPal and logon said my account had been "randomly" selected for security verification. After
making very sure it was the secure site (I don't log in there often), they made me answer 50
questions, reset my password and security questions, then had their bot call me and enter a
security pin code to "remove the limitation"..

When I logged into the site again, it also verified that it was happy, all was well now, and I had
suffered no suspicious activity (except some clown named Brett Buck trying to guess my VISA
card number, who was now under criminal investigation.. ;-> ). To be even surer, I had it list out
all my transactions for the last year and everything was copacetic (geez, did I spend all THAT?)
and I'm able to go charge up some more!

So, the lesson STILL is, IMO, not to trust these sort of messages (they DID know my whole name,
which is why I checked..). Here's something to do for a quick look at URL addresses listed in emails -
hover your mouse over the (highlighted) link in question and look at the bottom of your email browser
window, where you'll likely see the actual URL listed out. If that differs from the text, if it has a
domain in Nigeria, etc. you'll know something is very likely wrong. But even if it seems to pass that
test, before you click the link directly, try to verify that it matches the links of earlier known valid
messages from your company. In my case, I actually examined the ASCII source for the message
for strange stuff.

That's how suspicious these bastids have made me.

Anyway, PayPal, dang it! Stop that.

Sorry for the false alarm, but it's still a valid warning.

L.

"An ugly baby is a very nasty object, and the prettiest is frightful when undressed." -Queen Victoria

[john e. holliday]

Again I was told and have been told if you look at the PayPal address you will see the http has an s attached.  If not, it is not a legitimate address and don't respond.  Forward it to PayPal or Ebay.   Since I have been doing it the messages have slacked off a bit.

[Larry Cunningham]

Again I was told and have been told if you look at the PayPal address you will see the http has an s attached.  If not, it is not a legitimate address and don't respond.  Forward it to PayPal or Ebay.   Since I have been doing it the messages have slacked off a bit.

True about the secure site having HTTPS - however, be sure you hover your mouse over the link and make sure the actual URL has the HTTPS - as HTML jocks will tell you, you can write it so that it displays HTTPS (or most anything else) in the displayed text, while the actual link is not HTTPS.

PayPal invited me to give them feedback about the experience and I did, telling them their legitimate email, in raw text form, had the exact wording warned against by multiple sources, and looked like phishing. Further, when you go to the (legitimate) web site and log on, the very first thing they as for is the full number of your credit card. I told them they should ask all the security questions first, even make the verifying phone call, and THEN get the credit card number..

Overall, in spite of the suspicious verification experience, I still highly recommend PayPal. It works perfectly in my experience, and the vendor doesn't get to see my credit card, checking account number or other personal data. Also, it works fine out of the country. For paying, it's a completely free service, and worthwhile.

L.

"There's a pork chop in every can." -Mark Bowen, on nutritional value of beer