PayPal Scam

I wanted to share a PayPal scam email that I found in my inbox, and how you can tell that it is a scam.

Dear PayPal customer, 

Our company has intended a new feature that will improve the Online Banking security. Upgrading our systems will help protect our customers accounts from 3rd-party access and reduce fraud. This process has started on 14th January, 2011 and will be closed on 19th January, 2011.

All our members are required to update their account profile for the new databases. Filling our online form will take about 3-5 minutes from your time.

To access our profile update form click on the following link to login to your account:

Click here to go to the online form

Please note that failure in updating your profile will result in account suspension.

Alison Grudzinski,
IT Assistant Manager,
PayPal Inc.

Now . . . how to tell that this is a scam email
First, companies like PayPal or credit cards will NEVER send you and email asking you to update your information.
Second, if there was a new PayPal feature upgrade, there would be information on it when you logged into your account.  No need for an email if you just tell people about it when they log in.
Third, the window of when it started to when it ends is VERY small.  They do this to make you want to rush and go and update your account right away, instead of keeping the email in your account for months.
Fourth, the click here to go to the online form.  Again, if there really was an upgrade, they would ask you to log into your account, and you would already know how to do that and where to go, so no need for a link.
And last, the link itself.  I have removed the link from the “Click here” wording so that no one will go there, but when it was active you could hover your cursor over it, and you would be able to see where it REALLY points to, and it is NOT a PayPal site.
Here is an image of what the site would look like if you would have clicked on the link.
They make it look like it really is PayPal, but the URL address is not PayPal.
These types of scams are called Phishing scams (pronounced Fishing)


Minnesota Victims

I am looking for victims of internet crimes in Minnesota who would be willing to share their story with City Pages.  If you do not want your name printed, they are willing to respect that.

If you are a victim of any type of internet crime, I encourage you to come forward and share your story.  I know it is not easy . . . I am a scam victim also . . . but I do know how rewarding it is to know that you have helped save others from being a scam victim because your story gave them the information to protect themselves.

If you are interested, you can contact me through

Emails from your email provider . . . or are they

Have you ever been without your email, and felt totally unconnected to the world.  You could be missing some important information, and it is all because you cannot get into your account.

A popular scam right now preys on that fear people have of not being able to get at their email accounts, and to make these scams work the scammers make it look like the emails are coming from your email provider.  The emails will tell you that you have exceeded your mailbox quota or that someone has attempted to access your email account.  Either way, the email then asks for you to update your information within a set amount of time or your email account with be closed permanently.

If there ever was a real problem with your email account, your provider would not send you an email about it, and they would not set a time limit on when you have to respond by.  Not everyone checks their email daily, or even weekly, so if they are telling you to complete the task by a set date they are doing it to scare you into moving fast, without looking into things first.

If you do get an email like this, and you are worried that there really COULD be a problem with your email account, call the customer service number for your email provider . . . but do not call any customer service numbers listed in the email  . . . those will be fake also.  Use a search engine to look up the customer service number so that you know for sure that you are contacting the right people to check on your account.

Victims – Tell your story!

I will OFTEN get requests from media people for victims to share their story (on radio, tv or in print).  If you are a victim who would be willing to share your story, please contact me via email with your name, state you live in, and the type of scam you were a victim of (counterfeit check, romance, roommate, credit card fraud, 419, ID theft, etc.)

This can be a wonderful way for you to share your story and help to warn and educate other people about scams!

Stay safe from scams at the holidays

This information can be found at

This holiday season the Federal Bureau of Investigation ( FBI) is reminding people that cyber criminals continue to aggressively create new ways to steal money and personal information. Scammers use many techniques to fool potential victims including fraudulent auction sales, reshipping merchandise purchased with a stolen credit card, and sale of fraudulent or stolen gift cards through auction sites at a discounted price.

Fraudulent Classified Ads or Auction Sales
Internet criminals post classified ads or auctions for products they do not have. If you receive an auction product from a merchant or retail store, rather than directly from the auction seller, the item may have been purchased with someone else’s stolen credit card number. Contact the merchant to verify the account used to pay for the item actually belongs to you.

Shoppers should be cautious and not provide financial information directly to the seller, as fraudulent sellers will use this information to purchase items for their scheme from the provided financial account. Always use a legitimate payment service to protect purchases.

As for product delivery, unfamiliar Web sites or individuals selling reduced or free shipping to customers through auction sites many times are deemed to be fraudulent. In many instances, these Web sites or sellers provide shipping labels to their customers as a service. However, the delivery service providers are ultimately not being paid to deliver the package; therefore, packages shipped by the victims using these labels are intercepted by delivery service providers because they are identified as fraudulent.

Diligently check each seller’s rating and feedback along with their number of sales and the dates on which feedback was posted. Be wary of a seller with 100% positive feedback, if they have a low total number of feedback postings and all feedback was posted around the same date and time.

Gift Card Scam
Be careful about purchasing gift cards from auction sites or through classified ads. If you need a gift card, it is safest to purchase it directly from the merchant or another authorized retail store. If the gift card merchant discovers the card you received from another source or auction was initially obtained fraudulently, the merchant will deactivate the gift card number and it will not be honored for purchases.

Phishing and Smishing Schemes
Be leery of e-mails or text messages you receive indicating a problem or question regarding your financial accounts. In this scam, you are directed to follow a link or call the number provided in the message to update your account or correct the problem. The link actually directs the individuals to a fraudulent Web site or message that appears legitimate where any personal information you provide, such as account number and PIN, will be stolen.

Another scam involves victims receiving an e-mail message directing the recipient to a spoofed Web site. A spoofed Web site is a fake site or copy of a real Web site and misleads the recipient into providing personal information, which is routed to the scammer’s computers.

Here are some tips you can use to avoid becoming a victim of cyber fraud:

Do not respond to unsolicited (spam) e-mail.

Do not click on links contained within an unsolicited e-mail.

Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Virus scan the attachments if possible.

Avoid filling out forms contained in e-mail messages that ask for personal information.

Always compare the link in the e-mail to the link you are actually directed to and determine if they actually match and will lead you to a legitimate site.

Log on directly to the official Web site for the business identified in the e-mail, instead of “linking” to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information.

Contact the actual business that supposedly sent the e-mail to verify if the e-mail is genuine.

To receive the latest information about cyber scams, please go to the FBI Web site and sign up for e-mail alerts by clicking on one of the red envelopes. If you have received a scam e-mail, please notify the IC3 by filing a complaint at

For more information on e-scams, please visit the FBI’s New E-Scams and Warnings webpage at

Phishing scam hitting hard


The Community Driven Credit Union in Pittsfield Township has frozen the bank accounts of 20 to 30 of its customers in recent days after they provided sensitive information to suspected scam artists.

The phishing scam – involving e-mails and text messages – appears to be hitting Washtenaw County hard since last week.

Many people have reported receiving the messages, which warn them their accounts have been frozen. They’re directed to call a number and are then prompted to provide bank and debit card information.

The majority of the messages appear to reference the Community Driven Credit Union. Kevin Finneran, president and CEO of the credit union, said even his wife and daughter received the text messages.

The scam also appears to be impacting the Chelsea State Bank. Michigan State Police Sgt. Tony Cuevas said today at least 3 people have reported similar scams involving the Chelsea bank.

One man said he received an automated message that his bank account was frozen, and when he called, he was directed to enter his 16-digit debit card number, Cuevas said.

On Tuesday, the president of the Ypsilanti Area Federal Credit Union said the credit union has heard from at least 50 customers who received suspicious messages.

Finneran said his credit union has talked to 50 to 60 customers, and 20 to 30 of them provided their banking information by computer or phone to the scam artists. Their accounts were frozen, and new cards are being issued.

Finneran said the bulk of those who received the text messages appear to be Sprint customers. He said the credit union has spoken to the Pittsfield Township Police Department and state Attorney General’s office, and also is spreading the word about the scam to help customers avoid being victimized.

“It probably started last Thursday or Friday,” Finneran said of the calls. “If people provided information, we’re immediately taking steps to secure their accounts. We’re also doing everything we can to make people aware.”

Barrie Kiser, marketing manager for the credit union, said the e-mail can appear convincing because it has a screen shot of the credit union’s home banking system. But the address is wrong, and the information it requests to log in also is different.

Officials at the banks stressed this week that they never gather information from ttheir customers via text or e-mail, so customers should never respond to such messages.

Anyone who received the messages and provided information should immediately contact their bank or credit union and local police department.

The Anti-Phishing Working Group also offers some advice on what to do if you’ve been scammed and how to report it.

Email verification scam

Here is a scam email that I just got today . . .

Dear CS.COM Owner
Dear CS.COM Account Owner,
This message is from the CS.COM technical support department messaging center to all CS.COM Webmail account owners. Due to high rate of spam and scam phishing emails you receive to your mail box,We hereby use this medium to inform you that we will be carrying out some maintenance/Upgrading operations inorder to install in your mail box aspam detection/blocker to your mail box, This will also Increase the Storage bite of your mail and also protect your mail box from spam. As a result of this we will be deleting all expired and unused account to create more rooms for new updated/upgraded ones. To prevent your account from being closed unnecessarily, you will have to update us with the following information’s below for propal verifications to prevent the unwarranted close of your email account.
1.Full Email Address:………………….
3. Re-type password:………………..
4.age/country:…………….. of birth:…………….
6.First name/Last name:………….
Warning Code:VX2G99AAJWarning!!!
Account owner that refuses to update his or her account Within Three days of receiving this warning will lose his or her account permanently. Thank you for using CS.COMWebmail!
Warning Code:VX2G99AAJ
Thanks,CS.COM Alert team

The give away for this one was that it came from a gmail account and it was asking for my age and date of birth . . . why would my email service need that info???

Shawn Mosch
Co-Founder of
There is strength in numbers!

Find us on Twitter, Facebook and more through
Has this site helped you? Then help us to continue to fight scams by donating at