Paypal SMS Phishing: Do not follow the links

If you get something similar, do NOT follow the link.  If you have any questions about Paypal, login directly to Paypal, not any other site.

2015-02-09 10.40.33
A real text message! URL obscured.


Response from Paypal:

Thank you for being a proactive contributor by reporting
suspicious-looking emails to PayPal’s Abuse Department. Our security team is working to identify if the email you forwarded to us is a malicious email.

Paypal Will Always:

– Address our customers by their first and last name or business name of their PayPal account

Paypal Will Never:

– Send an email to: “Undisclosed Recipients” or more than one email address
– Ask you to download a form or file to resolve an issue
– Ask in an email to verify an account using Personal Information such as Name, Date of Birth, Driver’s License, or Address
– Ask in an email to verify an account using Bank Account Information such as Bank Name, Routing Number, or Bank Account PIN Number
– Ask in an email to verify an account using Credit Card Information such as Credit Card Number or Type, Expiration Date, ATM PIN Number, or CVV2 Security Code
– Ask for your full credit card number without displaying the type of card and the last two digits
– Ask you for your full bank account number without displaying your bank name, type of account (Checking/Savings) and the last two digits
– Ask you for your security question answers without displaying each security question you created
– Ask you to ship an item, pay a shipping fee, send a Western Union Money Transfer, or provide a tracking number before the payment received is available in your transaction history


Any time you receive an email about changes to your PayPal account, the  safest way to confirm the email’s validity is to log in to your PayPal account where any of the activity reported in the email will be available to view. DO NOT USE THE LINKS IN THE EMAIL RECEIVED TO VISIT  THE PAYPAL WEBSITE. Instead, enter into your browser to log in to your account.

What is a phishing email?

You may have received an email falsely claiming to be from PayPal or another known entity. This is called “phishing” because the sender is “fishing” for your personal data. The goal is to trick you into clickingthrough to a fake or “spoofed” website, or into calling a bogus customer service number where they can collect and steal your sensitive personal
or financial information.

We will carefully review the content reported to us to certify that the content is legitimate. We will contact you if we need any additional information for investigating the matter. Please take note to the security tips provided above as they may help to answer any questions that you may have about the email you are reporting to us.

Help! I responded to a phishing email!

If you have responded to a phishing email and provided any personal information, or if you think someone has used your account without permission, you should immediately change your password and security questions.

You should also report it to PayPal immediately and we’ll help protect you as much as possible.
1. Open a new browser and type in
2. Log in to your PayPal account.
3. Click “Security and Protection” near the top of the page.
4. Click “Identify a problem.”
5. Click “I think someone may be using my account without permission.”
6. Click “Unauthorized Account Activity.”

Thank you for your help making a difference.

Every email counts. By forwarding a suspicious-looking email to, you have helped keep yourself and others safe from identity theft.

The PayPal Team


Net Neutrality: FCC to do good!

In Net Neutrality Plan, F.C.C. Chief Sees Internet Service Regulated as Public Utility — The New York Times

FCC Chairman Tom Wheeler’s statement:

The internet must be fast, fair and open. That is the message I’ve heard from consumers and innovators across this nation. That is the principle that has enabled the internet to become an unprecedented platform for innovation and human expression.
— Tom Wheeler, FCC Chairman

What is Net Neutrality? Techy, boring, and extremely important.



Puxatawney Phil better be lyin’, because I’m not putting up with 6 more weeks of this.

The view from my back window

Waiting for the Winds of Winter

And I guess I’ll have to keep waiting:

Another year of waiting for The Winds of Winter to blow is in store for fans of George RR Martin, as his publisher confirmed there are no plans for the much-anticipated latest volume from his A Song of Ice and Fire series to appear in 2015.

Stay healthy, George.  You’ve got a lot of writing left to do.

There’s only room for 3 news stories

It appears that the news cycle can absorb only 3 news stories and, currently, it’s fully stocked.

1.  Of great national importance, it may start snowing in New York soon. Weather in New York is always of great national importance.

2.  Something happened with a football last weekend. I don’t understand exactly what, but I’m told it’s of existential importance. This is also a national story.

3.  In Chicago, Ernie Banks is still dead.

Should anything else happen, we’ll find out after the local elections in February.


The Risks of Building Your Own CMS

There’s a lot of good information in this post:

“Technology is strategy, and culture eats strategy for breakfast.”

“This is to say nothing of the most fatal flaw in the “roll your own CMS” plan. News organizations, especially ones with just one medium-sized digital property (this applies to many independent daily newspapers, for example), have a terrible time retaining technical talent.”

There is more risk in going out on your own than working with an established CMS like WordPress.