by oiwnos
Tue Mar 08, 2011 3:44 pm
Is it safe sending my paypal mail-address to a seller in order to provide me via paypal an invoice?
That really depends upon the transaction, it's hard to generalize. Are you dealing with a known seller? Is it through eBay? What are the circumstances of the sale?
In theory there is no particular risk. Your Paypal address is an email address, and most peoples' email addresses are already out in public areas. If, however, the seller claims to need your password, then run away quickly! All a legitimate seller needs to send a Paypal invoice is your address, no password.
If you do send the address and get an invoice, check to see that it really comes from Paypal and is not spoofed. Look at the reply-to address. Make sure it's from @paypal.com. If there is a link in the email, check to see that it starts with https://. The "s" at the end of the normal http means it's secure. Fake Paypal sites will not have that.
Be careful as well that the address that comes when you click reply is the same as it appears in the email; these are often spoofed so that what you see in the mail is not where it actually goes. You can confirm this by looking at the actual address that appears in the 'send' window. Fake Paypal sites will usually include Paypal in the name somehow, trying to look real, but will have other characters as well.
Most importantly, never click on any links in the email you receive. Log into your Paypal account directly by going to https://www.paypal.com. Any invoice, payment, debit notice, message, or anything else that is sent by Paypal will appear in your account if you log in directly. If you go to your account and there's no trace of a invoice, you know the emailed one is fake. Links inside an email can be spoofed and may lead to a counterfeit site.
Finally, if you get any message purporting to be from Paypal but asking you to remit by Western Union or Moneygram, you can be 100% sure that's a scam. Paypal is a payment service; Western Union is a competing payment service. Paypal will NEVER tell its customers to send money by a rival company.
