I did something dumb a week or so ago. It was real dumb. So dumb, in fact, that I’m a little afraid if I tell you this story you’ll lose all faith in my intelligence and my ability to protect you along the danger-ridden road of real estate transactions.
I’m going to tell you anyway, however. I’m going to tell you about this dumb thing I did and all of the steps I’ve had to take to cure it so that you can learn from my mistake. Maybe you will think I’m a moron, but at least you won’t fall into the same trap I did.
So you know how I’m on my 10-year high school reunion committee? Well I’m actually kind of the treasurer of the committee. I opened the bank account we’ve been collecting the money in and am the one all the checks have been sent to. I also opened a Paypal account so people could pay online if they want.
The reunion is in less than a month, so we have almost $13,000 in the bank account in my name waiting to be paid out to our venue. Last week I got an email from Paypal asking that I update my account info to ensure that no unsecured third party was able to access it without my approval. Big words and statements crafted by legal types tend to lull me into a compliant coma, so I clicked on the link provided at the bottom of the email and proceeded to enter my Paypal recipient address, the password, my name and personal address, oh and just for kicks, the bank card number, expiration date, pin and verification number associated with the account. Yep, I did that, and then two days later when I got a similar email, I thought only to myself, “Wow, Paypal is really taking lots of steps to insure that my account isn’t being broken in to,” and entered the info AGAIN.
So some of you Mensa members out there might see where this one is going. It turns out that those emails I was getting weren’t actually from Paypal. Even though they had the cute little Paypal logo and even a ‘Case Reference Number’ and tons of legal jargon, they were part of what’s called a ‘phishing’ scheme. And I’m what we like to refer to as batter-fried halibut tacos, freshly caught in waters of the world wide web. I didn’t even figure out this was the case until I mentioned that I had been ‘updating’ my Paypal account to my scheme savvy husband, who immediately freaked out, both because of the possibility of lost money, and also because he had married a woman so stupid as to get caught by something like that. Let me tell you that was not a fun night. Not only did he give me an earful about how shocked he was that I didn’t know that, but I got the same reaction and speech from my parents.
Anyway, the point of all of this is it’s very important to know one thing:
NEVER EVER click on a link from your bank or lending institution and enter account or other personal info. If you think your bank is requesting updated info, type in the site on the address bar and see if it still requests it, or better yet, call them.
I changed my password to Paypal immediately and called and canceled the bank card and had it marked stolen. I also went into the bank and put a Secret Password on to all of my accounts so that no one can access them without knowing that my favorite Doodlebop is Moe (Darn it! Now I have to change it!). We were lucky, no money was stolen. I talked to another gal at my office a couple of days later, though, and she said she had a similar thing happen to her with her Wells Fargo account a year ago. Her account was wiped out the next day.
So make sure you’re smarter than I am. If you ever get a letter like this, don’t be a dope and give them all your information:
PayPal is committed to maintaining a safe environment for its community of
buyers and sellers. To protect the security of your account, PayPal employs
some of the most advanced security systems in the world and our anti-fraud
teams regularly screen the PayPal system for unusual activity.
Recently, our Account Review Team identified some unusual activity in your
account. In accordance with PayPal’s User Agreement and to ensure that your
account has not been compromised, access to your account was limited. Your
account access will remain limited until this issue has been resolved. This
is a fraud prevention measure meant to ensure that your account is not
In order to secure your account and quickly restore full access, we may
require some specific information from you for the following reason:
We would like to ensure that your account was not accessed by an
unauthorized third party. Because protecting the security of your account
is our primary concern, we have limited access to sensitive PayPal account
features. We understand that this may be an inconvenience but please
understand that this temporary limitation is for your protection.
Case ID Number: PP-046-631-789
We encourage you to log in and restore full access as soon as possible.
Should access to your account remain limited for an extended period of
time, it may result in further limitations on the use of your account or
may result in eventual account closure.
Thank you for your prompt attention to this matter. Please understand that
this is a security measure meant to help protect you and your account. We
apologize for any inconvenience.
To keep your account active, click here:
PayPal Account Review Department
PayPal Email ID PP576
(Looks so legitimate, right? I know, you totally would have done it too, huh? Thanks for making me feel better.)