To: "Petra Kienast" <Petra.Kienast@XXXX>
Subject: RE: Q510 - Thank you for your email to PayPal (KMM89978315V25952L0KM) :kf1
From: <spoof@paypal.com>
Reply-To: <spoof@paypal.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
X-Mailer: KANA Response 7.0.1.142.12
Message-ID: <USA-ENTOT-002hbE2jZ00130c06@usa-entot-002.corp.ebay.com>
X-OriginalArrivalTime: 02 Oct 2007 11:52:49.0818 (UTC) FILETIME=[C1ABCFA0:01C804EA]
X-TOI-SPAM: u;0;2007-10-02T11:53:01Z
X-TOI-VIRUSSCAN: unchecked
X-TOI-MSGID: 4643e9a1-ac64-4912-9c03-c1c6c0a8eb68
X-Seen: false
X-ENVELOPE-TO: <Petra.Kienast@XXXX>
X-Spam-Level: 8/5
X-FS-Classification-spam: 8
X-FS-Classification-phishing: 9
X-FS-Diagnostics: database-version=2007-09-26 tests=FIRST_UNTRUSTED_NO_RDNS,FS_PHISH_VICTIM_URL_PREFIX,FS_UNTRUSTED_2,NO_REAL_NAME,FS_CLASS_SPAM_8,FS_CLASS_PHISHING_9
X-Spam-Flag: Yes

Dear Petra Kienast,

Thanks for taking an active role by reporting suspicious-looking emails.
The email you forwarded to us is a phishing email, and our security team
is working to disable it.

-------------------------
What is a phishing email?
-------------------------
Phishing emails attempt to steal your identity and will often ask you to
reveal your password or other personal or financial information. PayPal
will never ask for your password over the phone or in an email and will
always address you by your first and last name.

Take our Fight Phishing Challenge at
paypal.com/fightphishing to learn 5 things you should know
about phishing. You'll also see what we're doing to help fight fraud
every day.

-------------------------
You've made a difference.
-------------------------
Every email counts. By forwarding a suspicious-looking email to
spoof@paypal.com, you've helped keep yourself and others safe from
identity theft.

Thanks,

The PayPal Team

_______________________________________________________________________
This email is sent to you by the contracting entity to your User
Agreement, either PayPal Inc, PayPal Pte. Ltd or PayPal (Europe) S.à
r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:
5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118
349.

_______________________________________________________________________


Original Message Follows:
-------------------------

>Return-Path: <service@paypal.com>
>Received: from mailin##.aul.t-online.de
>(mailin##.aul.t-online.de [###.##.##.##])
> by mhead### with LMTP; Tue, ## Oct #### ##:##:## +####
>X-Sieve: CMU Sieve #.#
>Received: from ##-##-##-##.ip.fastwebnet.it
>([##.##.##.##]) by mailin##.aul.t-online.de
> with esmtp id #IcYkJ-#vcH###; Tue, # Oct #### ##:##:## +####
>Received: from localhost (localhost [###.#.#.#])
> by ##-##-##-##.ip.fastwebnet.it (Postfix) with ESMTP id
##C#B#B###B;
> Tue, # Oct #### ##:##:## +#### (CEST)
>Received: from ##-##-##-##.ip.fastwebnet.it ([###.#.#.#])
> by localhost (##-##-##-##.ip.fastwebnet.it
> [###.#.#.#]) (amavisd-new, port #####)
> with ESMTP id #####-##; Tue, # Oct #### ##:##:## +#### (CEST)
>Received: from User (mail.dataflownetworks.com [##.##.#.###])
> by ##-##-##-##.ip.fastwebnet.it (Postfix) with ESMTP id
D###B#ACF##;
> Tue, # Oct #### ##:##:## +#### (CEST)
>From: "service@paypal.com" <service@paypal.com>
>Subject: Dear paypal customer!
>Date: Mon, # Oct #### ##:##:## -####
>MIME-Version: #.#
>Content-Type: text/html;
> charset="Windows-####"
>Content-Transfer-Encoding: #bit
>X-Priority: #
>X-MSMail-Priority: High
>X-Mailer: Microsoft Outlook Express #.##.####.####
>X-MimeOLE: Produced By Microsoft MimeOLE V#.##.####.####
>Message-Id: <##############.D###B#ACF##@##-##-##-##.ip.fastwebnet.it>
>To: undisclosed-recipients: ;
>X-TOI-SPAM: u;#;####-##-##T##:##:##Z
>X-TOI-VIRUSSCAN: unchecked
>X-TOI-MSGID: c######e-##c#-#cb#-#edb-#a#afbfc##b#
>X-Seen: false
>X-ENVELOPE-TO: <petra.kienast@xxxx>
>X-Spam-Level: #/#
>X-FS-Classification-spam: #
>X-FS-Classification-phishing: #
>X-FS-Diagnostics: database-version=####-##-##

>tests=FIRST_UNTRUSTED_MANY_NO_RDNS,FIRST_UNTRUSTED_NO_RDNS,FORGED_MUA_O

UTLOOK,FORGED_OUTLOOK_HTML,FS_PHISH_VICTIM_FORGED,FS_PHISH_VICTIM_URL,FS

_PHISH_VICTIM_URL_PREFIX,FS_UNTRUSTED_#,HELO_DYNAMIC_IPADDR#,HTML_##_##,

HTML_MESSAGE,HTML_TITLE_UNTITLED,MIME_HTML_ONLY,UNDISC_RECIPS,X_PRIORITY
_HIGH,FS_CLASS_SPAM_#,FS_CLASS_PHISHING_#
>X-Spam-Flag: Yes
>

From: "service@paypal.com" <service@paypal.com>
Subject: Dear paypal customer!
To: undisclosed-recipients: ;


Dear PayPal Customer,

This email is to inform you, that we had to block your PayPal Account access because we had to upgrade our servers in order to remove online fraud.

Our terms and conditions you agreed to state that your account must always be under your control or those you designate at all times. We have noticed some unusual activity related to our servers that indicates that other parties may have access and, or control of your informations in your account.

Please follow this link to confirm your account access information :

die gefälschte URL "xxxxxxxxxxxxxxxx"

Please be aware that until we can verify your identity no further access to your account will be allowed and we will have no other liability for your account or any transactions that may have occurred as a result of your failure to upgrade your account as instructed above.

Thank you for your time and consideration in this matter .

Sincerely,
PayPal Account Departement.



© Copyright 2007, PayPal. All Rights Reserved.