An
Email with the Subject "Paypal Security Center" was
received in one of Scamdex's honeypot email accounts on Sat, 01 Sep 2007 13:24:48 -0700
and has been classified as a Generic Scam Email.
The sender shows as service@paypal.com <service@paypal.com>.
The email address was probably spoofed. Do not reply to or contact any persons or organizations referenced in
this email, or follow any URLs as you may expose yourself to scammers and, at the very least, you will be
added to their email address lists for spam purposes.
Scam TagCloud
foreignpaypalpaypal.comlog inloginip addresssuspendthird partyverificationebaynationalsafeaccounttransactionserviceaccesssentbuysellmailusersincerely will securityhttps://www.paypal.com/cg...ebay com
NO CHART DATA - EMAIL HAS NOT YET BEEN ANALYSED
Scam Email Headers
This a (redacted) view of the raw email headers of this scam email.
Personally Identifiable Information (PII) has been suppressed, but can be
supplied as received to appropriate investigating or law enforcement agencies on request.
EEEEEstdClass Object
(
[return-path:] =>
[envelope-to:] => submitted@scamdex.com
[delivery-date:] => Sat, 01 Sep 2007 13:24:48 -0700
[received:] => Array
(
[0] => from sitemail3.everyone.net ([216.200.145.37] helo=omta08.mta.everyone.net)by bartok.o7e.net with esmtp (Exim 4.63)(envelope-from )id 1IRZWS-00025r-34for submitted@scamdex.com; Sat, 01 Sep 2007 13:24:48 -0700
[1] => from dm15.mta.everyone.net (bigiplb-dsnat [172.16.0.19])by omta08.mta.everyone.net (Postfix) with ESMTPid 62F8542E9C; Sat, 1 Sep 2007 13:24:46 -0700 (PDT)
[2] => from venus.bhservers.com (208.116.7.242 [208.116.7.242])by dm15.mta.everyone.net (EON-INBOUND) with ESMTP id dm15.46d7a9a9.98b7d1for ; Sat, 1 Sep 2007 13:24:45 -0700
[3] => from nobody by venus.bhservers.com with local (Exim 4.66)(envelope-from )id 1IRZWK-0008Sf-B8for advance@antihotmail.com; Sat, 01 Sep 2007 16:24:41 -0400
)
[x-eon-delivered-to:] =>
[x-eon-dm:] => dm15
[to:] => advance@antihotmail.com
[subject:] => Paypal Security Center
[from:] => service@paypal.com
[reply-to:] => service@paypal.com
[mime-version:] => 1.0
[content-type:] => text/html
[content-transfer-encoding:] => 8bit
[message-id:] =>
[date:] => Sat, 01 Sep 2007 16:24:40 -0400
[x-antiabuse:] => Array
(
[0] => This header was added to track abuse, please include it with any abuse report
[1] => Primary Hostname - venus.bhservers.com
[2] => Original Domain - antihotmail.com
[3] => Originator/Caller UID/GID - [99 32002] / [47 12]
[4] => Sender Address Domain - venus.bhservers.com
)
[x-source:] =>
[x-source-args:] => /usr/local/apache/bin/httpd -DSSL
[x-source-dir:] => dazzling-diamonds.com:/public_html/kevphpmailer
[sender:] =>
[x-scamdex-scores:] => S:68 P:79 A:83 L:65 E:74 G:64
[x-scamdex-classtype:] => A
[x-scamdex-classscore:] => 83
[x-scamdex-totscore:] => 433
[x-scamdex-kw:] => IP address,access,account,buy,diamond,ebay,foreign,inc.,log in,login,national,paypal,report,safe,sell,sent,service,suspend,third party,transaction,verification
[x-scamdex-em:] => advance@antihotmail.com,service@paypal.com
[x-scamdex-dir:] => P
[x-scamdex-id:] => P1204769290.M942549P20228V
[x-scamdex-copyright:] => This Email is Copyright Scamdex.com 2009, Reproduction Prohibited
)
Domain Names used for collecting scam email ("Honeypot email accounts") have been obscured and replaced with the token 'HUN1P0T'
Community Action - SPAM/non-Scam Report
Occasionally, incorrectly categorized emails get into the Scamdex Scam Email Database and need to be removed. If this
email has Personally Identifiable Information (PII), or is, in your opinion, from a bona-fide entity, let us know.
Scamdex will, as soon as is practicable, take-down any emails that in our opinion should not
be in our database. Note that ALL emails in the Scamdex Scam Email Database were received as Unsolicited Commercial Email, aka UCE or
SPAM, via unpublished 'Honeypot' email addresses.
At PayPal, we want to increase your security and comfort level with every transaction. From our Buyer and Seller Protection Policies to our Verification and Reputation systems, we'll help to keep you safe.
We recently noticed an attempt to log in to your PayPal account from France, a foreign IP address and we have reason to believe that your account was used by a third party without your authorization.
If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. Therefore, if you are the rightful account holder, click on the link below to log into your account and follow the instructions.
If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.
If you received this notice and you are not the authorized account holder, please be aware th
at it is in violation of PayPal policy to represent oneself as another PayPal user. Such action may also be in violation of local, national, and/or international law. PayPal is committed to assist law enforcement with any inquires related to attempts to misappropriate personal information with the intent to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that impersonators are prosecuted to the fullest extent of the law.
Thank you for your patience as we work together to protect your account.
Sincerely, PayPal Account Review Department PayPal, an eBay Company
*Please do not respond to this e-mail as your reply will not be received.
