Gut Rumbles

January 24, 2006

is this legit?

PayPal keeps bugging me about my account, even AFTER I changed my password. I received ANOTHER missive from them today, asking me to "confirm" my account. They (or somebody) provide a link to what LOOKS like Paypal, but I have one question.

What the hell do they need with my ATM pin number? (If I fill in my name and password, I go to a page that requires it.) I've NEVER been asked to give THAT number to anybody over the internet. Call me suspicious, but this smells bad to me, even if the page has all the official Paypal logos and shit on it. It LOOKS legit, but...

I'm going to fix this problem once and for all. I seldom use PayPal anyway. I'm going to cancel the account and be done with it.

Have any of you people ever been asked for your ATM pin number by Paypal?


NO! It is not legit. It is a phishing scam. No need to cancel your Paypal account. Just DELETE thew e-mail....or better yet, send to Paypal's fraud dept.

By the way...I'm really proud of you!! If you come to Wilmington with Recondo to pick up his boat, I'll treat you both to dinner.

Posted by: sailingcv on January 24, 2006 10:17 AM

That is some spammer trying to get your password. Papyal never asks you to update your account.

Posted by: zona on January 24, 2006 10:17 AM

I got an email this past Friday supposedly from paypal asking me to update my credit card info (and it provided a link in the email) I forwarded the entire email to paypal and heard back within 24 hours that it was indeed a phony phishing scam. Paypal advised me never ever to click on a link claiming to be a Paypal link. Always log in from paypals own page. They thanked me for forwarding the phony email.

Posted by: Ruth on January 24, 2006 10:21 AM

No it isn't legit that I can see. The domain resolves to an Utah address that doesn't mention Paypal.
Domain Name..........
Creation Date........ 1998-02-02
Registration Date.... 2004-04-04
Expiry Date.......... 2009-02-01
Organisation Name.... Web Services
Organisation Address. 1253 N. Research Way
Organisation Address. Suite
Organisation Address. Orem
Organisation Address. 84097
Organisation Address. UT
Organisation Address. UNITED STATES

Admin Name........... Host Master
Admin Address........ 1253 N. Research Way
Admin Address........ Suite
Admin Address........ Orem
Admin Address........ 84097
Admin Address........ UT
Admin Address........ UNITED STATES
Admin Email..........
Admin Phone.......... 801-437-6000

Might be a good idea to get a new card number in case your account has been compromised.

Posted by: Robert on January 24, 2006 10:21 AM

Rob. Forward the email to PAYPAL. They will confirm it is indeed a phishing scam. I heard back quickly. (from paypal)

Posted by: Ruth on January 24, 2006 10:24 AM is the email address to forward your "suspect emails" to.


Posted by: Ruth on January 24, 2006 10:25 AM

This is one of the many phishing scams out there. I always delete these emails, never open them, and do not give them the time of day. Paypal will never email you requesting account information. Ever.

Posted by: Braden on January 24, 2006 10:42 AM

Paypal, Ebay and banks will never ask for anything over an insecure media like email. Besides, they already have your password (or else you couldn't log on), why would they need it again?

It doesn't matter how good the email looks, or how alarming it is, it's always false. ALWAYS.

If you're not sure, you can always log on yourself from a fresh browser page and check.. I don't bother anymore, they're all deleted as spam.

Posted by: V-Man on January 24, 2006 10:43 AM

I get these all the time. If you ignore them the Paypal ones get more hysterical every time. By the time they give up they're sending DANGER ACCOUNT ABOUT TO EXPLODE and ANNIHILATE THE EARTH. I don't even have a paypal account at the address they're sending it to.

I get these msgs posing as Amazon, Ebay and various banks including the one I have an account at. Best rule of thumb is delete everything without even opening it. If your accounts are really in trouble they'll send you snail mail or call you or something. No legit financial institution would ask for passwords or account numbers.

Some of these spammers send viruses with these things that can be triggered by simply opening the mail. If you use Outlook for email, I've heard it can be triggered simply by appearing in the preview window.

If you ignore them long enough, they do eventually go away.

Posted by: Libby on January 24, 2006 10:45 AM

Any time you get anything like this (any bank, eBay or Paypal), if you hover over the link you'll find that the displayed link text does not match the link address that pops up or displays at the left bottom of your browser window. Unless it says just plain or, it's likely a pfish.

Posted by: Patrick on January 24, 2006 10:51 AM

Thanks for the password! And the new motorcycle!

Posted by: Steve H. on January 24, 2006 11:03 AM


99% of the e-mail claiming to be from paypal AREN'T!!!

NEVER CLICK ON A LINK in an e-mail either. As soon as you do, and log in, the hacker gets your info. Just delete them or fwd them to and they'll tell you if they're fake or not.

Posted by: Sam on January 24, 2006 11:14 AM

Yeah, I got that sort of thing about two years ago right after Paypal's so-called "security" let my account get hacked. Sonsofbitches cleaned out my account and tried to hit my credit card. Fortunately, my card company is sharp and put a stop to it. Never even got an apology - not to mention a damned dime- out of Paypal. Will no longer have anything to do with the skanky bastards. Piss on 'em! Twice!

Posted by: Will on January 24, 2006 11:16 AM

It's fake.
I just signed up with PayPal to sell my soaps. It says right off the bat it will never ask you for passwords and such.

Posted by: Maeve on January 24, 2006 11:17 AM

Like everyone says, it is not legit. Just somebody looking for someone stupid enough to give them their PIN and account number. Big rip-off. Notify Pay-Pal and let them deal with it. If they can.

Posted by: RayH on January 24, 2006 11:33 AM

As the others have said, you will never be asked for this type of information by your processor/bank/retailer. Unless you originated the email, the logon or the phone call, don't give out this information.

A great way to identify the scams will be via the salutation. Most scams say, "Dear Paypal Member". A real PayPal email will say, "Dear Robert Smith", etc.

Regardless, you should NEVER click the link in an email. ALWAYS log on to the site, from a new browser, and see if the request is legit. If not, report it to their security departments.

Posted by: The Other Mike S on January 24, 2006 11:40 AM

You ARE pulling our leg, aren't you???

Posted by: Omnibus Driver on January 24, 2006 12:22 PM

Sure it's real. Just type in your password, your PIN, and stop being a pussy! Why don't you trust PaPal? They're an internationally respected business!

Posted by: Rube on January 24, 2006 01:26 PM

Rob, Forward the email to . You will get a message back from the legit Paypal explaining that this is someone "phishing" for confidential information. Paypal will then start their process to shut it down. They take this stuff seriously because it pisses off their customers and therefore effects their business.

Posted by: Dishonorable Schoolboy on January 24, 2006 02:20 PM

I have a paypal account too and they do not ask you that. It is not legitimate.

My other comment was cut off so I'll try again on your reader poll.

I like Tex-Mex. Your blog came highly recommended by someone who usually doesn't have good taste so I was pleasantly surprised. :)

Posted by: Texas Lady on January 24, 2006 02:35 PM

So it's OmniBus Driver and me against the world? ROFLMAO!!!!!!!!!

Posted by: Indigo on January 24, 2006 02:54 PM

Happy to be in good company, Indigo!

Posted by: Omnibus Driver on January 24, 2006 03:15 PM


Don't even open those e-mails.

And whatever you do, do NOT click on any of the links.

And ESPECIALLY, never, ever give them your ATM PIN - or any other data they ask for. PayPal is, unfortunately, the vehicle of choice for phishing scams. If you want to check on your PayPal data, don't respond to anything you get in an e-mail - just go directly to the PayPal website.

Posted by: Elisson on January 24, 2006 03:26 PM

But you knew that already, didn'tcha? Heh.

Posted by: Elisson on January 24, 2006 03:28 PM

MAJOR SCAM! They don't ask for anything of the sort at Pay Pal, eBay...anywhere legit!

Posted by: A Different Kim on January 24, 2006 04:17 PM

Your phoney paypal site forgot to change the date to 2006 at the bottom of the page...gee whiz.

Posted by: Maggie on January 24, 2006 05:34 PM

Hey Rob? I wouldn't delay too long in deleting that Paypal account. If I read your blog entry right, you clicked on the link in that email and entered your name and password, right? You just stopped short of giving them your ATM PIN, correct? That means that most likely they've got your Paypal account name and password and can use it to charge things to whatever credit card(s) are plugged into it. That can be bad shite, guy, if they can find someplace to take your cardnumber that will ship to an address other than your billing address.

Posted by: Kawboy on January 24, 2006 06:52 PM

Rob, get the free version of "Window Washer." It lets you look at your mail on your ISP's server. When you see dubious e-mail, Window Washer can "Bounce"
the suspect e-mail back to the sender, as if your e-mail account does not exist. Also it can delete unwanted e-mail on the server without you downloading the e-mail.
I use it all the time to bounce that junk mail back to the sender or an unfortunate user whose machine is a zombie.

Posted by: Bill on January 24, 2006 09:24 PM

WTF Rob?! You're not actually falling for this stuff are you? Please tell us you're pulling our leg.

Posted by: Desert Cat on January 24, 2006 10:18 PM

Never do anything with your Paypal account that is sent to you via email. If you need to change something on Paypal, log into their site yourself. Do not go to it from a link someone sends you. Even Paypal will tell you that. Be careful Mr. Acidman.

Posted by: Chrissy on January 25, 2006 08:34 AM

good lord. how many people are going to answer the same damn question? I think he gets the idea now.

Posted by: girl on January 25, 2006 09:40 AM
Post a comment

*Note: If you are commenting on an older entry, your
comment will not appear until it has been approved.
Do not resubmit it.