So I’m signed up for paypal under ebay, right? Helaman can always find a great deal on ebay when we are looking for something gadget-y. While signing up, I read all the disclaimers, notes, legal blah blah blah, and such, thinking that I was so schmarty-farty pants that all that nonsence about what to do if you get a fake e-mail was just washed outa my smarty-pants brain (not that it would take much effort to wash any info out of my brain).
I mean, C’MON! Who wouldn’t recognize some jerk sending out a fake e-mail asking for my password and credit card information! Sheesh, what do you think I am, some kind of idiot? Well, somebody thought I was an idiot, and I almost totally fell for it. I think I’m going to blame my thoughtlessness on a large amount of vitamin C, chicken soup, and some nasal de-congestant that I don’t remember the name of…
While I was out of bed yesterday I checked my email and recieved one from “Paypal” that said I had purchased a gadget of whatchamacallitness.
The price: $149.95.
Now my husband is amazing. He’s awesome, patient, kind, sweet, and loving. But there have been times during our nearly 5 years of marriage that I have called him a name or two (not that I’m proud of it).
During one of my particularly angry moments, he said something I didn’t want to hear, and I lashed back. I said he was a…gulp…money nazi. Yep. I said that to my sweet Helaman. He looked at me incredulously and looked away like I had just hit him or something. It was a sad moment that I have apologized for profusely, but (as you can see) I still feel really guilty about.
What in the name of Sam Hill does any of this have to do with the Paypal purchase?Here’s the thing; my hubby just wouldn’t go out and spend $149.95 for no reason without talking to me – especially after feeling the bite of the After-Christmas-Spending-Sprees.
Luckily, he was able to answer his phone at work and I mentioned that I got an email about the purchase he made through paypal. He knew nothing about it. He even said, “Sarah, you know that I would never spend that kind of money on something without talking to you about it first.” So I did what I thougth I needed to do: click on the “Dispute This Charge” button at the end of the email.
Then I entered my username and password.
Funny thing though, it didn’t go directly to my Paypal account like normal, it directed me to a page that asked me to enter my home address, credit card info, and mother’s maiden name. At the top of the page there was a statement saying that these were all the neccessary steps that needed to be taken in order to dispute charges on Paypal.
So I scrolled down and clicked on the “Contact Us” link. It refreshed the same page, stating that I had to enter the info first, then I would get the contact information I requested.
Hemmm…though I’m a little slow on the up-take, I’ll get it eventually if you wave a freakin’ red flag in front of my face. And this was definently a red flag.
I minimized that window, typed in http://www.paypal.com/ and got the contact # I wanted. I called the 1877 number and talked to a real person who said not to be alarmed, but I had, in fact, recieved a “spoof” email and I should foward it to them for investigation. Yikes.
I have since changed every password to every account I’ve ever had because I was using the same password for everything so I would have less to remember. But because I entered my username and password into the “spoof” email, I ruined everything. Sheesh, who’s the idiot? Me, of course. But I’ve definently learned my lesson and I’m sharing my dorkiness with others in hopes that you won’t fall for the same trick. Not that you would or anything, cuz’ ya’ll is smart, right?
Thanks for taking an active role by reporting suspicious-looking emails.
The email you forwarded to us is a phishing email, and our security team is working to disable it. What is a phishing email? Phishing emails attempt to steal your identity and will often ask you to reveal your password or other personal or financial information. PayPal will never ask for your password over the phone or in an email and will always address you by your first and last name. Take our Fight Phishing Challenge at https://www.paypal.com/fightphishing to learn 5 things you should know about phishing. You’ll also see what we’re doing to help fight fraud every day.
You’ve made a difference. Every email counts. By forwarding a suspicious-looking email to firstname.lastname@example.org, you’ve helped keep yourself and others safe from identity theft.
The PayPal Team