I got the following message in email today. The "phishing" detector in my brain went off immediately, but on further inspection it appears that this message really did come from Paypal.
Subject: Notification of Limited Account Access
Dear Greg Hewgill,
As part of our security measures, we regularly screen activity in the PayPal system.
For your protection, we have limited access to your account until additional security measures can be completed. We apologize for any inconvenience this may cause.
To review your account and some or all of the information that PayPal used to make its decision to limit your account access, please visit the Resolution Center. If, after reviewing your account information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking "Contact Us".
We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
Sincerely,
PayPal Account Review Department
PayPal Email ID PP522
This message seems non-phishy due to the following aspects:
Paypal is in the unenviable position of having to fight with all the phishers when they really do want to email a notification to their customers. It appears that this is the best they can do, and of course the phishers will imitate this style of message as closely as possible, which makes Paypal's original message look like junk mail. It's an uphill battle for them.
Now I'm curious about what they've done with my account.
Return-Path: <service@paypal.com> Received: by occam.hewgill.net (Postfix, from userid 12349) id E6FF922DF1B; Mon, 20 Feb 2006 17:17:43 +0000 (GMT) Received: from smtp-outbound.nix.paypal.com (smtp-outbound.nix.paypal.com [64.4.240.67]) by occam.hewgill.net (Postfix) with ESMTP id E45CE22DF02 for <greg@hewgill.com>; Mon, 20 Feb 2006 17:17:40 +0000 (GMT) Received: from dentmail1.den.paypal.com (dentmail1.den.paypal.com [10.191.28.242]) by smtp-outbound.nix.paypal.com (Postfix) with ESMTP id 34B66820020 for <greg@hewgill.com>; Mon, 20 Feb 2006 09:17:40 -0800 (PST) Received: from denadmin10.den.paypal.com (denadmin10.den.paypal.com [10.191.20.86]) by dentmail1.den.paypal.com (Postfix) with SMTP id 0001F27C05A for <greg@hewgill.com>; Mon, 20 Feb 2006 09:17:39 -0800 (PST) Received: (qmail 21414 invoked by uid 99); 20 Feb 2006 17:17:39 -0000 Date: Mon, 20 Feb 2006 09:17:39 -0800 Message-Id: <1140455859.21414@paypal.com> Subject: Notification of Limited Account Access X-MaxCode-Template: email-restrict-issue-notification To: Greg Hewgill <greg@hewgill.com> From: "service@paypal.com" <service@paypal.com> X-Email-Type-Id: PP522 X-XPT-XSL-Name: /default/en_US/account/security/RestrictIssueNotification.xsl Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 MIME-Version: 1.0
Update: I logged on to Paypal and they appear to only have expired my password. No other outstanding issues were to be found in their "Resolution Center" after logging on. I've found that Paypal seems to expire my password frequently (once every month or two), and asks that I supply a new, different password plus configure two new security questions. Perhaps I've been getting a message like this every time they expire my password but this is the first time I noticed it wasn't a phishing message.
I just checked my mail and one second after receiving confirmation of changing my password and security questions, I also got:
Subject: Your PayPal Account has been Restored
Dear Greg Hewgill,
We have completed our review and have restored your account.
Thank you for your patience during this process and for helping to make PayPal the safest and most trusted online payment solution.
Sincerely,
PayPal Account Review Department
Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and click the Help link located in the top right corner of any PayPal page.
PayPal Email ID PP203
Thanks Paypal. Hardly a pleasure doing business with you.
2006-02-20T18:31:31Z