Featured: Seriously? Giving away your Paypal account? I don't get it. Also this week: I get spam, you get spam, everyone gets spam! Also, standby is still kinda dicey on some machines when it comes to networking.
Happy Anniversary to ... me! Friday marks the fifteenth anniversary of Ask Leo!! Now, there's something I never would have predicted. Trivia: it's the longest "job" I've ever held. (Yeah, I was at Microsoft for 18+ years, but I held a variety of positions during my tenure.) Much has changed in that time. My first question was about Internet Explorer 6, for example. Paying the bills remains a bit of a challenge in these days of adblockers and ad-blindness, so I really do appreciate all my patrons who've come together to help Ask Leo! continue into the future. As I often tell folks who ask me what I do, there's no shortage of questions about technology, and that's not something I see changing any time soon. :-)
A special THANK YOU to my assistants and editor. Andrea, Connie, Mark, and Mary Beth are all key to helping make the magic happen behind the scenes.
Someone tried to give me a PayPal account this morning. Someone in Germany, to be specific. I suspect they weren't trying to give me their account, but made a mistake when setting it up.
That mistake is surprisingly common. Seeing as how the result would be my owning their PayPal account, I really don't understand how they could make such a serious mistake. But as I said, it's common.
It highlights something critical you need to know to keep your accounts safe.
Welcome to PayPal
Here's the message I received:
That's the German-language version of the “Welcome to PayPal” message that's sent after you create a PayPal account. That it was in German, and the sending domain was “paypal.de”, led me to believe that the person attempting to create the account is in Germany.
Not only was it a welcome message, it was also an email-confirmation message. When I allowed Gmail to translate the message, that part was clear:
And yes, before you ask, I examined the email headers and verified that the message was legitimate and not a phishing attempt.
So, all I had to do was click.
Confirming the email address
If I click the confirmation link, I'll be taken to the PayPal account, albeit in German.
I'll probably be asked to log in, but I won't know the password. That's not a problem, though. I could just ask for a password reset using the email address on the account…
… my email address.
Once that arrived and I set a new password, the account would be in my control. If I wanted to, I could go in and change all the additional recovery information associated with the account to cement my ownership.
I wonder if it already has any money in it? Or if it's linked to a bank account that does?
The error that caused all this is that the person attempted to open a PayPal account using the wrong email address — my email address instead of their own.
There are several ways this can happen.
The one that I can actually understand is a simple typo. If your email address is email@example.com and you accidentally type in firstname.lastname@example.org, that's a completely different email address. It could be an unused address or it could belong to someone else. One thing's for certain: it's not your email address.
Another less common but equally understandable error is period confusion. On some email systems, email@example.com and firstname.lastname@example.org are two different email addresses. On other systems, they are treated exactly the same — periods are ignored. (It's a feature… or so I'm told.)
As we'll see in a moment, that might have played a role. However, there's another mistake I see frequently that completely baffles me: email addresses that make no sense given the name. If your name is John Smith, it seems nonsensical to use that as your display name for an account whose email address is, say, email@example.com. I get why spammers do it (all the time), but I don't get why “real” people do it.
And do it, they do.
My email address
One of my many email addresses is firstname.lastname@example.org. (Don't bother sending email to it — direct email is ignored specifically because I don't use it publicly at all. Use the contact form instead.)
The PayPal account was opened with a real name, which I've obscured above, and email@example.com as the email address.
There are at least two problems:
- Their real name had nothing to do with “ask leo”. Or “ask”. Or “leo”. In fact, ask.leo is about as far away from the person's real name as it would be from “John Smith”. It makes absolutely no sense.
- firstname.lastname@example.org is exactly the same as email@example.com. It's mine.
Unless this was a spammer going through a lot more work than I expect spammers to go through, I just don't get it.
This isn't about PayPal. This is about something much more important: using your email address.
The critically important lesson is simply this:
Always get your email address right!
That actually includes a number of things:
- Know what your email address is. Surprisingly, many do not, particularly in populations that are more mobile- than email-centric.
- Know you have access to it before using it. I suspect this might have been part of the scenario above: either using an email address with plans to create it next, or using it prior to confirming you can access it.
- Enter your email address correctly, every single time. This is why so many forms have you enter your email address twice: a lot of people don't check. Don't be those people: carefully enter your email address when you need to, and then carefully check that you got it right.
Above all: be careful!
If you get any of those items wrong, at best you won't get whatever you are providing your email address for.
At worst, you'll be giving that something — like a PayPal account — to someone else.
So, should I click?
When I posted this on Facebook, someone suggested that I confirm and then immediately close the account. My sense is that this opens a door to liability and risk I shouldn't take. Worst case scenario, I suppose, is that it's an intentional part of some elaborate scheme I don't understand.
In my opinion, the only safe and ethical approach is to ignore the email completely. So that's what I did. Once I realized the ramifications, I took the screenshots above and deleted the email. (As it's legitimately from PayPal and the result of an apparent error, calling it “spam” would be inappropriate.)
The person trying to create this account will be unable to log in, or at least be unable to confirm the email address. Presumably they will eventually realize their error and deal with it.
But no, I'm not clicking it, and I'm certainly not going to take over their account.
Others, however, might not be so kind.
Related Links & Comments: How to (Accidentally) Give Someone Else Your PayPal Account
Spam is ubiquitous. Everyone gets spam. Those who aren't will, and those who're only getting a little will eventually get more.
I get many hundreds of spam messages a day. That's probably nearer the high end of the average range, but it's certainly not an uncommon amount.
While one source shows that spam has dropped to just under half of all email traffic for the first time in years, it certainly doesn't seem that way in our mail folders, does it?
What's a poor user to do?
Continue Reading: How Do I Get Rid of All this Spam?!?!
This is an update of an article originally published nearly twelve years ago. One would hope things have improved since then. While I suppose they have to some degree, a dozen years later, this scenario remains fairly common.
Continue Reading: Why Does My Network Not Work After Resuming from Standby?
A feature exclusively available to Ask Leo! Patrons Bronze level & above.
- Tip of the Day: Move Any of the Default Folders
- Tip of the Day: Show the Desktop with a Click
- Tip of the Day: There's Nothing Special about Keyloggers
- Tip of the Day: Consider Speech Recognition and Speech-to-text
- Tip of the Day: Always Choose Custom Install (and then Pay Attention)
- Tip of the Day: Mark Spam as Spam (and Move On)
- Tip of the Day: Reduce the Number of Restore Points
More Ask Leo!
Leo's Other Projects....HeroicStories Since 1999, HeroicStories brings diverse, international voices to the world ' reminding us that people are good, that individuals and individual action matter. Stories - new and old - are published twice a week.
Not All News Is Bad - Each day I look for one story in the current news of the day with a positive bent. Just one. And I share it.
leo.notenboom.org - My personal blog. Part writing exercise, part ranting platform, it's where I write about anything and everything and nothing at all.
Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at https://newsletter.askleo.com for their own FREE subscription!
Newsletter contents Copyright © 2018,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC