fraudulent email coming from paypal email servers (I checked the smtp headers)

adkguy83
New Community Member
Posted on
‎Feb-01-2024 01:31 PM

I'm receiving fraudulent emails from paypal email servers. I received an email from [Removed] telling me that I paid Binance $999.56 which I didn't. I checked the actual smtp email headers and this actually came from paypal but it's fraud. Microsoft is also marking this email as coming from a "trusted sender" which it does not do if it's an impersonated source email address.  I'm concerned that the paypal email servers are compromised.
I understand how smtp impersonation works and this is not the case.

You can see from the smtp header this is coming from paypal:
Authentication-Results: spf=pass (sender IP is [Removed]) smtp.mailfrom=paypal.com; dkim=pass (signature was verified) header.d=paypal.com;dmarc=pass action=none header.from=paypal.com;compauth=pass reason=100 Received-SPF: Pass (protection.outlook.com: domain of paypal.com designates [Removed] as permitted sender) receiver=protection.outlook.com; client-ip=[Removed]; helo=mx4.phx.paypal.com; pr=C

Labels:
Login to Me Too
Login to Reply or Kudo
2 REPLIES 2

Temp20240205
New Community Member
‎Feb-03-2024 03:01 PM
This happened to me. I was up til 5 am trying to figure it out. It’s a large amt over $500.. Then I realize that I have several recurring charges that have gone on for months that I did not authorize!!! I’m so nervous!!! I tried to report online to PayPal but I couldn’t get the email to go through. I found a number for PayPal[Removed. Phone #s not permitted] called, got an automated response, started a fraud claim and response said someone would reach out to me in a few days!! I’m so nervous!!! Will PayPal refund my money? This is in the thousands of dollars. I rarely use PayPal but I did yesterday and realized I’ve been hacked!!
Login to Me Too
Login to Reply or Kudo

PayPal_Bindu
Moderator
Moderator
‎Feb-07-2024 09:48 PM

Hello @adkguy83 and @Temp20240205 

 

Welcome to the PayPal Help Community and thanks for posting here!

 

@adkguy83 I can see how receiving that emails would be concerning to you. If you receive any email about activity on a PayPal account, the safest way to confirm the email’s validity is to log in to a PayPal account via the PayPal website (not using the links in the email received). Any of the activity reported in the email will be available to view. You can report these suspicious email or website to PayPal by forwarding it to phishing@paypal.com and PayPal will investigate it for you. You can also refer this article for more information on how to spot a fake, fraudulent, or phishing PayPal email or website.
 

@Temp20240205 Sorry to know about the unauthorized charges in your account. You can report the charges in the resolution center of your PayPal account. Here's how you can report the unauthorized charges in your account : How do I report an unauthorized transaction or account activity? Also, please make sure to check these charges are from an automatic payment, such as a subscription. Here's how you can view the automatic payments in your account : What is an automatic payment and how do I update or cancel one?

Hope this information helps,

Bindu

If you feel this or any other post helpful, please enrich the community by giving kudos or accepting it as a solution.
Login to Me Too
Login to Reply or Kudo

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.