As long as there's been trade, there have been people willing to take your money, your expectations and your heart and walk away laughing to themselves while counting their ill-gotten gains.
Many customers are suspicious of doing business on the web, without reason. One has to use the same common sense as when shopping in person. There's always an occasional employee in stores or gas stations ready to copy down your credit card info or otherwise intercept it and make fraudulent charges. The same thing applies on the web. If a shopping cart system, like ours for Fuller Brush & Stanley Home Products and others, states "Secure Shopping" or some such phrase, it probably is as secure as technology can make it, especially if it's a company with a good reputation.
Likewise, when you permit companies to directly deduct money from your checking account, such as utilities, insurance companies, etc., you are somewhat on your own, so you better be sure it's a reputable company. I do this a great deal, not having time to write checks and keep up with bills. But I'm careful about who I give permission to.
Two services we deal with make this kind of transaction much more secure. Fuller Brush offers a way for representatives to have their payments deducted from their checking account through FastPay, a secure payment system.
Another very highly secure payment system directly from one's checking account, or into it, is PayPal, which we occasionally use. So when I received the following email, my first thought was that it was legitimate. Before I got any further that entering my email address, my fraud antennas started quivering. It is NOT a secure practice to send bank account or credit card info by email, and PayPal would not ask me to do so.
I will have to state that PayPal didn't make it real easy for me to report this but I persisted and finally got the right department. They stated they were aware of the problem and were doing what they could to get it stopped, which in reality is very little. Worse, the hidden return address appears to be located in the Netherlands and the recipient of your confidential information in Russia, making recovery impossible from the USA. The only way to halt it is for consumers to be aware. If you receive an email like the following from PayPal, your bank or credit card company, utility, or anyone else, be aware that even though the address states that it is from that entity, the RETURN PATH and/or RECIPIENT is probably hidden and is a pipeline directly to the flim-flam artist that wants to relieve you of your money. This does not affect people using PayPal to make purchases, by the way. It's just a scam using the PayPal name and reputation. (P.S.: I removed the recipient so using the "Log In" button won't blow up your computer - or your bank account!)
-------- Original Message --------
Dear PayPal Customer
PayPal is currently performing regular maintenance of our security measures. Your account has been randomly selected for this maintenance, and placed on Limited Access status. Protecting the security of your PayPal account is our primary concern, and we apologize for any inconvenience this may cause.
To restore your account to its regular status, you must confirm your email address by logging in to your PayPal account using the form below:
(A form to fill out follows with email address, account number, bank account number and much other personal data.)
This PayPal notification was sent to your mailbox.
Your PayPal account is set up to receive the PayPal Periodical newsletter
and product updates when you create your account. To modify your notification
preferences and unsubscribe, go to https://www.paypal.com/PREFS-NOTI
and log in to your account. Changes to your preferences may take several
days to be reflected in our mailings. Replies to this email will not
Anyone that "updated their account with PayPal" this way I'm sure got a very nasty surprise.