I can no longer use my paypal account. When I go to the real paypal site (I even manually type in www.paypal.com (http://www.paypal.com)), and then I log in, immediately another page comes up and say my account has been selected for a random security measures check. They ask for my full CC numbe and my full bank account number. I DID NOT enter either.

I have two items I need to pay for with paypal, but I refuse to enter this info.

After logging in to the real paypal page, this spoof page comes up. So I am not able to do anything in my paypal account - change my password, or anything at all.

Anybody else getting this?

No. Do you have an updated anti virus program? Have you tried running Ad-Aware or Spybot S&D? If you aren't coming up with anything I would suggest going to one of the forums where you can post HijackThis logs and have them check it out.

I do run adaware. I also have avast! AV and it is current.

I figured out the paypal page is probably legit, since it prompts me to enter my full CC number "for the card ending in xx". the xx that is displayed is the correct last two digits of my CC.

Below that it asks me for the "full Randolph Brooks FCU account number of the account ending in xx", and the xx is also the correct last two numbers of my bank account.

I now believe this is legit, however I refuse to enter the requested information, so I can no longer use my paypal account. It won't let me past this screen after log in.

I have sent them about 3 nasty emails about this and told them what to do with their security check page.

Try logging into your PayPal from another computer and see if the same page comes up. If so, then it's obviously tied to your account and not just malicious software on your own computer, so I'd be inclined to think it's legit.

Does it have the securite site lock either in the URL bar, or in the lower right corner of your browser? This can also be another surefire sign of fraudulent sites.

If you're still worried (and I don't blame you), I would wait to speak to their Support. I'm not sure if you can call them or have to wait for online support, but I would have them confirm or disconfirm whether they put those security measures up.

thanks, Dex. I've accessed my account with two different computers at home. Happens on both. However, I've got a new laptop that I've never accessed my paypal account with. I'll try that today.

Another thing that worried me is that there is a link near the top right of the page "Help with this page". When you click the link you get an error "page not found" or "outdated link" or something like that... so it it is legit, pretty sloppy of them.

crappy company that's for sure.

edit: yes, in my firefox browser, on that page there is "www.paypal.com" on the bottom right and the padlock symbol.

thanks, Dex. I've accessed my account with two different computers at home. Happens on both. However, I've got a new laptop that I've never accessed my paypal account with. I'll try that today.

Another thing that worried me is that there is a link near the top right of the page "Help with this page". When you click the link you get an error "page not found" or "outdated link" or something like that... so it it is legit, pretty sloppy of them.

crappy company that's for sure.

edit: yes, in my firefox browser, on that page there is "www.paypal.com" on the bottom right and the padlock symbol.

Strange stuff. I've never heard of someone being able to actually hijack your account like that, and as crappy as their Customer Service may be, PayPal is usually pretty legit.

The SSL Lock in the bottom right corner is usually a good sign, but it's not impossible for a hacker or thief to enable SSL on a bogus site.

Still, the fact that the Help link on that very page is busted definitely seems like a red flag.

I think the safest bet would be to wait until you can speak with someone with PayPal, perhaps report it to their fraud department or something if they have one. Definitely a pain in the ass, though.

Just to double check the SSL certificate, while loaded to the site in question, go into your Firefox preferences (On Windows, it will be under the Tools menu, on Mac it will be under Firefox). Go to the Security tab, and look under Web Site Identity. It should say

Web site: www.paypal.com
Owner: PayPal, Inc.
Verified by: Verisign, Inc.

yes it does have that.

Still, I've emailed paypal a few times. waiting for a response. with all the spoofing and phishing going on, I don't appreciate the company itself asking for my full financial info.

yes it does have that.

Still, I've emailed paypal a few times. waiting for a response. with all the spoofing and phishing going on, I don't appreciate the company itself asking for my full financial info.

Yeah, sounds like its probably legit, but it definitely seems fishy. Even if it IS a security measure by PayPal, that's an awful lot to ask for a random check. I know the general rule of thumb these days is not to give that information to anybody but your bank and well trusted shopping sites.

Type in some random BS and see what happens.

Also you'd probably be better off calling PayPal when they are open, rather than emailing them...