I got a scam email, reproduced below. I was going to write a post about how phishers keep upping their game because, while I get tons of scam e-mail every week this is the first of its type I’ve seen, and it seemed to be a cut above the crowd. “I bet they catch a lot of people,” I thought.
But looking under the hood, it’s odder than I thought.
First, here’s the email (without the live links):
PLEASE READ THIS NOTICE CAREFULLY.
You have received this Notice because the records of PayPal, Inc. indicate you are a current or former PayPal account holder who has been deemed eligible to receive a payment from the class action settlement in accordance with PayPal Litigation, Case No. 02 1227 JF PVT, pending in the United States District Court for the Northern District of California in San Jose.
In your specific case you have been found to be eligible for a payment of $48.99 USD.
The aforementioned settlement funds may be transferred directly to your bank account providing you have a linked card. The funds may not be credited directly to your PayPal account as this would render Paypal to be accumulating interest and thus profiting on litigation settlement funds which contravenes Federal law. Your bank account will be credited within 7 days upon submission of account details.
To credit your bank account please click here. [there was a URL attached to “click here”]
If you are seeking an alternate method of receiving your funds PayPal will be contacting those who do not submit their details by the 31th of March with instructions to receive a cheque in the mail. However this will incur a 7.5% processing fee deducted from the settlement amount and therefore PayPal only recommends this option to those users who do not currently have a bank account with linked Bank Card.
Please Note that under United States federal law credit cards are not a legally approved method of settlement for Class Action suits and cannot be processed for transferal of funds in this case.
This notice is a summary and does not describe all details of the settlement. For full details of the matters discussed in this notice, you may wish to review the Settlement Agreement dated January 11, 2006 and on file with the Court or visit https://www.paypal.com/settlement/. Complete copies of the Settlement Agreement and all other pleadings and papers filed in the lawsuit are also available for inspection and copying during regular business hours, at the Office of the Clerk of the Court, United States District Court for the Northern District of California, 280 South First Street, San Jose, California 95113.
PLEASE DO NOT TELEPHONE THE COURT REGARDING THIS NOTICE.
DATED: March 13, 2006
BY ORDER OF THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF U.S.A.
To the trained eye it’s obviously a fraud. The paragraph about how paypal can’t hold the money is silly — if Paypal were paying it it would be Paypal’s money; if the funds were in escrow the interest would go somewhere agreed as part of the deal. And the last line is wrong too: “BY ORDER OF THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF U.S.A.” Um, what state please?
And anyone who went and looked at https://www.paypal.com/settlement/ would be redirected to the In re PayPal Litigation Settlement Website, where they’d learn the period for making claims ended years ago. So it’s a total scam. Even so, I could see how many people might be taken in by it and might “click here” without investigating.
But that’s not what I found so strange. Sadly, that’s all too commonplace. What’s odd is the URL that “click here” leads to is “http://12012068097/003.paypal.com” which isn’t properly formed. And the URL to which most browsers would proably default is 12012068097.com, which points to a site that doesn’t exist for a domain name that is not even registered.
I understand phishing exercises designed to get your credit card or banking info. But relatively elegant phishing exercises that just waste your time?