Protect Yourself and Report the Latest Frauds, Scams, Spams, Fakes, Identify Theft Hacks and Hoaxes
There are affiliate links on this page.
Read our disclosure policy
to learn more.
Translate this page to any language by choosing a language in the box below.
Below is another example of a PayPal phishing / spoofing attempt sent vian email. Here is what PayPal suggests:
And if you think you have been victimized, see our What to do, if you think you have been the victim of identity theft page!
From: service [mailto:moi@bioloka.com]
Sent: Sunday, May 07, 2017 8:15 PM
To: Your email address
Subject: You added a new email address to your PayPal account
You added a new email address to your PayPal account
Dear Customer,
This is just to confirm that you added a new email address ( simons.lawler@hotmail.com ) to your PayPal account.
If want to make this your primary email address - where we'll send all your account-related information - log in to your PayPal account and go to your Profile.
If you didn't add this email address,Let Us Know Straight Away. This helps us make sure that no one is accessing your account without you knowing.
Yours sincerely,
Your PayPal team
Return-Path:
Return-path:
Delivery-date: Sun, 07 May 2017 20:51:01 -0400
Received: from s2.bioloka.com ([178.63.73.144]:34000)
Content preview: You
added a new email address to your PayPal account Dear
Customer, This is just
to confirm that you added a new email address (simons.lawler@hotmail.com)
to your PayPal account. [...]
Content analysis details: (4.6 points, 5.0 required)
pts rule name
description
---- ----------------------
--------------------------------------------------
2.5 URIBL_DBL_ABUSE_PHISH
Contains an abused phishing URL listed in the
DBL blocklist
[URIs:
emawwe.com]
0.5 RCVD_IN_SORBS_SPAM RBL: SORBS: sender is a spam source
[178.63.73.144 listed in dnsbl.sorbs.net]
-0.0 RP_MATCHES_RCVD Envelope
sender domain matches handover relay domain
-0.0 SPF_PASS SPF: sender matches
SPF record
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
0.8 BAYES_50 BODY: Bayes spam
probability is 40 to 60%
[score: 0.4990]
0.1 DKIM_SIGNED Message has a
DKIM or DK signature, not necessarily valid
0.0 T_DKIM_INVALID DKIM-Signature
header exists but is not valid
X-Spam-Flag: NO
X-Brightmail-Tracker:
AAAAAyTF/h4t/PpMLf2CcA==
X-Brightmail-Tracker:
H4sIAAAAAAAAA+NgFtrOqMTGxcIABLqsh/gjDY5O47fYd+A7iwOjx/EX75kCGKNYggsScxNYMnp2X2ArYKgAUQ2MDKsYhXNLyw2LMxKLSxITi4oLivJTDIw3MUIN28G4/aLMKUZVjkv32z8zCbEUA82QEucNPcAfKSQA4mSU5pWkFsUXleakFr9iFOdgVBLmNTgIlOXJzCspzkyHyUhwMCmJ8IqL8UQK8QJtQkhJNTBy3Ft3/0GUs3rx01vNv8Tq9S+07b8hPPvZbbs5RQd+7j/LXnv9zStRyc8LRO6bH8vIMSlxmd6dmZ211v5YWjNfZaLg7/vfj5Vsapt2UIpLMmSxyqvA+fx9cR/WJL0JN9i99cm9nxvObu9sCqmJfybTKVK9aX+w2rykCJPbtXtZ/FQrO560nOhWYgF631CLuag4EQDRNptcSgEAAA==
If you need advice about an Internet or online solicitation, or you want to report a possible scam, use the Online Reporting Form or or call the NFIC hotline at 1-800-876-7060
All images and text � Copyright Benivia, LLC 2017 Disclaimer and Privacy Policy
Names used by scammers in the examples on this
page and others often belong to real people and businesses who often have no
knowledge of nor connection to the scammer's use of their name and
information. Sample scam emails and other documents presented on this
website are real copies of the scam to help potential victims recognize and
avoid it. You should presume that any names used and presented here in a
scam are either fictitious or used without their legitimate owner's
permission and have no relationship to any person or business that also
shares that name, address, phone number or other identifying information.
Permission is given to link to any public page on http://www.ConsumerFraudReporting.org