Phishing PayPal email in my Gmail account

I got a phishing spam PayPal email that mimics the address services.paypal.com in my Gmail account, with title “Notification of Limited Account Access,” and a url that asks me to verify my paypal account but pointing to http://www.soios.com/matiz/varios/www.paypal.com/ssl/, which is not paypal’s website. It’s actually from servidor01.mimela.com, not paypal’s server. Here’s part of the heading of the email from the original message, which can be seen in GMail by clicking the arrow next to the reply button and then click “Show original.”

Received: from servidor01.mimela.com ([64.22.85.7])
by mx.google.com with ESMTP id 26si58691192wrl.2006.12.03.18.12.08;
Sun, 03 Dec 2006 18:12:08 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning [email protected] does not designate 64.22.85.7 as permitted sender)
Received: from soios by servidor01.mimela.com with local (Exim 4.52)
id 1Gr3KQ-000599-7W
for [email protected]; Mon, 04 Dec 2006 03:13:10 +0100
Content-Type: text/html; charset="iso-8859-1"
............

Message-Id:
Date: Mon, 04 Dec 2006 03:13:10 +0100
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname – servidor01.mimela.com
X-AntiAbuse: Original Domain – gmail.com
X-AntiAbuse: Originator/Caller UID/GID – [32705 32706] / [47 12]
X-AntiAbuse: Sender Address Domain – paypal.com
X-Source:
X-Source-Args:
X-Source-Dir:

Here’s the picture of the email (click for original size):

paypal phishing

One thought on “Phishing PayPal email in my Gmail account”

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>