I came across an interesting new phishing scam in my personal inbox earlier this week. The scam came in the form of an email from ... paypal.com ... ?

Yep, that's right! I received an invoice from service@paypal.com requesting that I pay a sum of $600 for a gift card for someone who I have never heard of.

This caught me off guard at first. Obviously, I hadn't bought a $600 gift card for a complete stranger, so I suspected phishing right out of the gate. But for a phishing attack like this, I would normally expect the email to come from some random email made up of alphabet soup and coming from a clearly illegitimate domain, and for all the links in the email to refer to similarly illegitimate addresses. But that wasn't the case. The email came from PayPal, and all the buttons and links referred to pages in the PayPal domain. This email looked like a legitimate invoice from PayPal.

I received this email invoice from service@paypal.com, and all the links go to pages in the PayPal domain.

Turns out, it is a legitimate invoice from PayPal! Well, sort of. It is "Legitimate" in the sense that it actually came from PayPal. It is not "legitimate" in the sense that I did not actually buy the thing, nor did I actually owe the money.

After doing a bit of research, I found that this particular scam has been happening since at least 2020, but has been gaining popularity in the past couple months. Basically, the scammers take advantage of a legitimate feature of PayPal, which is the ability for any PayPal user to send an invoice for payment to any other PayPal user. The invoice is, thus, very real. In fact, if the target logs into your actual PayPal account, you might see the invoice there as well, which grants an extra illusion of authenticity to the scam, and might scare people into thinking that they actually owe the money (especially if the email threatens penalties for not paying immediately).

A few days ago, I received an unusual comment on one of my posts on this blog. The comment claimed to be from a "certified illustrator" who claimed that I was using some of her copywritten images without credit. The comment included a link to a Google Drive document that supposedly contained a list of the offending images, and suggested that the illustrator would sue me if I did not promptly remove the images. The full message is duplicated in text below, and in screenshot form:

Hi there!

This is Melika and I am a certified illustrator.

I was baffled, frankly speaking, when I came across my images at your web-site. If you use a copyrighted image without my permission, you must be aware that you could be sued by the copyrigh owner.

It's not legal to use stolen images and it's so filthy!

Take a look at this document with the links to my images you used at www.megabearsfan.net and my earlier publications to get evidence of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/site/case53703/googledrive/share/downloads/
file/storage?ID=6543774982793

If you don't delete the images mentioned in the document above within the next few days, I'll write a complaint against you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.

And if it doesn't work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.

This comment was posted on one of my blog posts, claiming that I would be used for the use of copywritten images.

I am reasonably certain that this message is a scam. If you see this message in your comments, or receive it in an email, do not open the link!

Internet service providers have a reputation for being some of the worst, most un-ethically-run companies in the country. I hadn't imagined that a company could be worse than Cox Communications. As a child, pretty much every time my dad had to call them for any problems, they refused to take any responsibility for their poor service, and always blamed the issues on his hardware or on his computer having viruses -- which was only sometimes true. Basically, they would blame his hardware as an excuse to upsell him new hardware that would also only barely work.

When I moved into my own place, I wasn't happy with having to purchase Cox as my internet and television provider. But to their credit, they gave me an affordable price, and the service was pretty reliable. At least, up until a few years ago.

Don't do it! It's a trap!

My internet started failing intermittently. It would go out almost every night for minutes or hours at a time. Sometimes resetting the router and/or modem would fix the problem, but only temporarily. I had multiple technicians come out to the house to troubleshoot the problems. They would aknowledge the problem, but would be unable to find the cause. To my surprise, they even told me that it was almost certainly not a problem with my local network set-up. I had thought for sure that they would blame my hardware or network in an attempt to upsell me more hardware. They even ran a new line from the street out to my house. I had my own, dedicated DSL line going into my house! That would be pretty sweet, if it would work. Cox even reimbursed my bill for the disruptions.

Sadly, none of Cox's efforts worked. My internet still failed consistently. My girlfriend was dependent on our internet to do online classes related to her job, and so this was inexcusable.

And then I got scammed by CenturyLink

Like a predatory evangelist waiting to swoop in and take advantage of a tragedy to sell a grieving person on the "comfort" of Jesus, an opportunistic CenturyLink salesman showed up at our door. He was claiming that CenturyLink had just laid fiber optic lines in our neighborhood and was offering a sweet deal to switch. I had been thinking about switching to CenturyLink, if only to be able to have a reliable service again.

My frustrations with CenturyLink, and my feelings of having been scammed started as soon as the service was set up in my home. The service that was installed was not the service that I thought I had signed up for.

When the sales rep had come to my door, he had specifically asked me what services I was receiving from Cox. I told him that I was getting HDDVR, a second cable receiver, and high-speed broadband internet for about $150 per month (a price that had been locked-in for life). The sales rep told me that I could get all of that for $75 per month. I should have recognized that this was too good to be true, but I made the mistake of signing on the dotted line. When the technician came to install the hardware the following week, I realized that the sales rep had flat-out lied to me. I had fallen victim to a bait-and-switch scam, which is apparently CenturyLink's modus operandi...

Back in April, I expressed my dissapproval of the Raiders plan to relocate to Las Vegas. At the time, my primary objection was to the idea of building an NFL-size stadium adjacent to UNLV's campus. But as time has moved on, the plans have shifted, and the city has come up with new location proposals for the $1.9 billion stadium, as well as new financing plans. Last week, the Nevada State Legislature, on the order of Governor Brian Sandovall, convened a special session to vote on the proposed stadium financing plan. The successful vote was a win for the Raiders' plan to relocate, but was a major loss for the city of Las Vegas and state of Nevada.

The finance plan requires the city of Las Vegas to raise $750 million in funds from a hike in room taxes for its hotels. This leaves taxpayers supposedly off the hook by passing the bill onto tourists. Critics have complained that this takes money away from Las Vegas schools and other public infrastructure and services, but this criticism is a bit of a red herring, as there were no plans to collect such revenues and spend them on schools or other services to begin with. Critics are valid in pointing out, however, that this does take that money away from potentially being collected for the purposes of funding education or services in the future.

The city, tourists, and UNLV all get screwed

I would be fine with this $750 million price tag if the plan guaranteed some degree of revenue or profit-sharing for the city of Las Vegas. It would be an up-front investment with the potential of paying for itself over the long-term. No such fortune for us Vegas residents. This is a bum deal for the city of Las Vegas, however, as the plan does not allow for any revenue or profit-sharing from the proceeds that the stadium may gain. So public money is being spent on the project, but no money is going back to the public. Sheldon Adelson and Mark Davis are both billionaires. If they really wanted the Raiders to move to Las Vegas, they can afford to build their own damn stadium.

Mark Davis and Sheldon Adelson are both billionaires. They can afford to build their own damn stadium.

What really sours this deal though is that it also presents some other "screw you"-s to the city of Las Vegas. The plan to build a new stadium started out as a plan to build a new stadium for UNLV's football program. But UNLV gets screwed by this deal, as they will actually have to pay approximately $250,000 per game to the stadium's owners in order to play their home games there! They'd have to pay $250,000 per game to "rent" this facility! "Public stadium", my ass! If Las Vegas is raising tax money to pay for this stadium (and we're paying for almost half of the entire bill), then it should belong to the City of Las Vegas or Clark County. If it belonged to Las Vegas, then our public university (UNLV) should be able to use the facility, and should get revenue from ticket sales. Not so, apparently. Make no mistake, this is not Las Vegas' stadium; this is Mark Davis and Sheldon Adelson's stadium.

We don't get the stadium; we only get the debt. NFL teams have a long, sad history of screwing cities with stadium deals...