PAYPAL SCAM 1 (888) 381-2917, or visit the PayPal Support Center $300.00 Illegal Access

HEADERS:
Received: from 10.197.32.139
by atlas121.free.mail.bf1.yahoo.com with HTTPS; Wed, 21 Sep 2022 18:04:56 +0000
Return-Path: [email protected]
X-Originating-Ip: [173.0.84.229]
Received-SPF: pass (domain of paypal.com designates 173.0.84.229 as permitted sender)
Authentication-Results: atlas121.free.mail.bf1.yahoo.com;
dkim=pass [email protected] header.s=pp-dkim1;
spf=pass smtp.mailfrom=paypal.com;
dmarc=pass(p=REJECT) header.from=paypal.com;
X-Apparently-To: ; Wed, 21 Sep 2022 18:04:57 +0000
Received: from 173.0.84.229 (EHLO mx4.slc.paypal.com)
by 10.197.32.139 with SMTPs
(version=TLS1_2 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256);
Wed, 21 Sep 2022 18:04:56 +0000
DKIM-Signature: v=1; a=rsa-sha256; d=paypal.com; s=pp-dkim1; c=relaxed/relaxed;
q=dns/txt; [email protected]; t=1663783494;
h=From:From:Subject:Date:To:MIME-Version:Content-Type;
bh=paXyncYX7YydOYAf2pTOnMEW0kNoqX1O9zAEbTW5mLs=;
b=ksnVwEcqptBeDk/hKvShpUc4MqJHm1ewyURVVD+QdOuJqA6HthPVQksHPNDq1x8F
dGVaph6+ZE+K76dK/JrwJz/5MFS++tB8psmdl4afj21dHrP2qHVi0hvpTBy5gSbp
VVDMC6P3wV4ELxu36GBCZSpzfVSlbWnKzpqSl/fmE0hyDcYJ7etg8Apz0jO9mI90
+ISAP9V7U4WkpW4O/f7Z2s4qorC+n9lXtWM44M4o0Jg65eeO4FMiK4tS/9UeZyY1
jTewnYoGwwt5DAqYyo4/1sTN3GLBCiCqCn/FgAFfeJeytVXeLB/ssSYv/dGjwekH
ublgwuT9BXuchJ3542ZAAg==;
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=“UTF-8”
Date: Wed, 21 Sep 2022 11:04:54 -0700
Message-ID: [email protected]
X-PP-REQUESTED-TIME: 1663783487363
X-PP-Email-transmission-Id: e3723a24-39d7-11ed-af84-3cecef47c0da
PP-Correlation-Id: f45462244bdbf
Subject: Estimate from Financial Centre Financial Centre (00014469)
X-MaxCode-Template: PPC001840
To: <>
From: “[email protected][email protected]
X-Email-Type-Id: PPC001840
MIME-Version: 1.0
X-PP-Priority: 0-none-true
AMQ-Delivery-Message-Id: nullval
X-XPT-XSL-Name: nullval
Content-Length: 26637

My family member got this email, very scary how they make it so real… Google and Apple have got to add better security features.

3 Likes

Should be simple. Email providers could A. Block IPs and B. Block the EMAIL Addresses. That same address has been used many times and looks real.