PayPal alert! Beware the 'PaypaI' scam

PayPal alert! Beware the 'PaypaI' scam

Summary: This Russian-based site looks exactly like the popular payment site, complete with pilfered user names and passwords

TOPICS: Security

A scam artist last night created an exact replica of and used the fake site to attempt to pilfer user names and passwords from customers of the online payment system.

The site, deceptively named, was a convincing duplicate of the real thing -- but according to Network Solutions, is registered to Birykov in South Ural, Russia.

However, by 10.45am (Pacific Time) the copycat site was down. Meanwhile, a spokesperson for PayPal "guaranteed" that "no PayPal user will lose money as a result of this incident".

PayPal, with 2.6 million customers, is easily the largest online payment system designed to support online auction users. Customers set up accounts so they can transfer funds back and forth without having to wait for personal checks to clear or money orders to be delivered. Most customers currently pay nothing for the service, which considerably speeds up the auction buying process.

But in this case, a scam artist has apparently discovered a way to dupe PayPal users by dangling a large payment in front of them. " [PayPal's parent company] has notified law enforcement of the fake site and efforts to steal password information," said spokesperson Vince Sollitto. "We have taken steps to prevent this person from withdrawing money from the PayPal system."

Not only was "" very convincing, but the scam artist even goes one step further. He or she is apparently emailing PayPal customers, saying they have a large payment waiting for them in their account.

The message then offers up a link, urging the recipient to claim the funds. But the URL that is displayed for the unwitting victim uses a capital "i" (I), which looks just like a lowercase "L" (l), in many computer fonts.

So, when the victim clicks on that link, he or she is directed to a copycat login page that's really sitting on a British Web hosting service called "Easypost". If the victim does log in, the user name and password are sent to the scam artist. Emails to Easypost were not immediately returned.

Thursday, on a message board devoted to PayPal, several users confessed they'd been tricked into logging in but got suspicious and changed their account information soon after.

"Well colour me stupid. I read half your message [warning of the scam], then went over and checked it out. I logged in and then came back and read the rest," wrote one. "Can someone say IDIOT!! I immediately went to the real PayPal and changed my password. Oh well, silly me."

No users reported noticing any PayPal funds had actually been stolen as a result of the scam.

Armed with the user name and password, a scam artist could possibly drain a victim's PayPal account. PayPal did not immediately respond to inquiries, but both that company and Easyhost had been notified of the scam by late Wednesday, according to writers on the Internet message board.

According to one user, the enticing email read like this:

Michael Swenson just sent you money with PayPal. Amount: $827.46 Click here to get you new account bonus! Did you know you can earn money with the PayPal Refer-a-Friend program? Go to for more details. To view your PayPal balance or other account information, log in at

What do you think? Tell the Mailroom. And read what others have said.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • PayPai is back. I've recently recieved emails from "paypal" saying that a new email address had been registered, and I should verify wether it is mine or not. Email message is from (Capitol I, of course) Which is hosted on Just letting anyone know.
  • Thursday 12 May 2005.
    I have today received in my inbox the very same PayPal email you have been warning people about, so it is still doing the rounds. People Beware!
  • WATCH OUT Paypal scams are back!!!
    I have been scamed by the paypal phishers back in Nov 05. I learned from my bank after they drained my acct & my bank notified me of the purchased made in another country,that the purchases were made in Spain,but werid thing is the web site was from Tawian!!

    I learned my lesson in not trusting all e-mails recieved from paypal. In fact I have been recieving this month consent(3 days straight until I kept sending the fake e-mails to paypal's spoof department) e-mails from the fake paypal site. The way you can spot the fake from the real site; not matter how close it is, is this: look at the URL in adress bar. If it doesn't say "" and or it says that but has other letters or domains attached to it on the adress bar, then it's fake! BE CAREFUL people they are still trying to scam!!!!
  • 4/29/06 Just now received a phishing e-mail from this site. It's a good thing the idiots can't spell or use proper grammar. It makes it easier to spot the scam.