PayPal alert! Beware the 'Paypai' scam

This Russian-based site sure looks like the popular PayPal.com payment site, complete with pilfered user names and passwords.
Written by Bob Sullivan, Contributor
A scam artist last night created an exact replica of PayPal.com and used the fake site to attempt to pilfer user names and passwords from customers of the online payment system. The site, deceptively named PayPai.com, was a convincing duplicate of the real thing - but according to Network Solutions Inc., Paypai.com is registered to Birykov Inc. in South Ural, Russia.

However, by 10:45 a.m. Pacific Time the copycat site was down. Meanwhile, a spokesperson for PayPal "guaranteed" that "no PayPal user will lose money as a result of this incident."

PayPal, with 2.6 million customers, is easily the largest online payment system designed to support online auction users. Customers set up accounts so they can transfer funds back and forth without having to wait for personal checks to clear or money orders to be delivered. Most customers currently pay nothing for the service, which considerably speeds up the auction buying process.

But in this case, a scam artist has apparently discovered a way to dupe PayPal users by dangling a large payment in front of them. "X.com (PayPal's parent company) has notified law enforcement of the fake site and efforts to steal password information," said spokesperson Vince Sollitto. "We have taken steps to prevent this person from withdrawing money from the PayPal system."

Not only was "Paypai.com" very convincing, but the scam artist goes even one step further. He or she is apparently e-mailing PayPal customers, saying they have a large payment waiting for them in their account. The message then offers up a link, urging the recipient to claim the funds. But the URL that is displayed for the unwitting victim uses a capital "i," (I), which looks just like a lowercase "L," (l), in many computer fonts.

So, when the victim clicks on that link, he or she is directed to a copycat login page that's really sitting on a British Web hosting service called "Easypost." If the victim does log in, the user name and password are sent to the scam artist. E-mails to Easypost were not immediately returned.

Thursday, on a message board devoted to PayPal, several users confessed they'd been tricked into logging in but got suspicious and changed their account information soon after.

"Well color me stupid. I read half your message (warning of the scam), then went over and checked it out. I logged in and then came back and read the rest," wrote one. "Can someone say IDIOT!! I immediately went to the real PayPal and changed my password. Oh well, silly me."

No users reported noticing any PayPal funds had actually been stolen as a result of the scam.

Armed with the user name and password, a scam artist could possibly drain a victim's PayPal account. PayPal did not immediately respond to inquiries, but both that company and Easyhost had been notified of the scam by late Wednesday, according to writers on the Internet message board.

According to one user, the enticing e-mail read like this:

Michael Swenson just sent you money with PayPal. Amount: $827.46 Click here to get you new account bonus! http://www.PayPaI.com/bonus Did you know you can earn money with the PayPal Refer-a-Friend program? Go to http://www.Pay-Pal.com/specialoffers for more details. To view your PayPal balance
or other account information, log in at http://www.PayPaI.com/login

Editorial standards