PayPal Phishing Scam
I had read about this one, but today the PayPal phishing scam hit my email box.
Got an email from account[at]paypal.com. Here is the text:
Dear PayPal Member,
Your account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your PayPal account and to ensure a safe PayPal experience. We require all flagged accounts to verify their information on file with us. To verify your Information at this time, please visit our secure server webform by clicking the hyperlink below
Click here to verify your Information
Thank you for using PayPal!
The PayPal Team
Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.
To receive email notifications in plain text instead of HTML, update your preferences here.
Like a dope, I did click on that link and then entered my username and password. I was then brought to a screen that asked for my credit card number. Something clicked in one of my brain cells, and I thought: "Oh...Yes...The old PayPal scam I've been hearing about."
I shut the browser then re-opened it and returned to PayPal the legitimate way, and then changed my password.
Phew!
I checked the header of the email and it read:
X-Originating-IP: [72.9.242.245]
Received: from nobody by server.web-giroz.com
Went to that site, where I was informed:
Forbidden
You don't have permission to access /cgi-bin/ on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Ah, ha, ha, ha! Right! I mean, I wouldn't want to do anything illegal!
teammatt3 posted this at 04:15 — 3rd April 2005.
He has: 2,102 posts
Joined: Sep 2003
If that click didn't happen, you can only imagine...:alien:
Smart move changing your password quickly!
sarge299 posted this at 23:58 — 5th April 2005.
He has: 28 posts
Joined: Nov 2003
Just remember that Paypal will always use your name in the email not "dear Payapl member".
Always check the link before clicking. It should always be https://paypal.com/whateverhwatever. Not http://123.456.89 or http://someother-paypal.com etc etc.
Jim Hoffman
The 11th Hour SEO
mairving posted this at 16:55 — 6th April 2005.
They have: 2,256 posts
Joined: Feb 2001
Usually what I do is go to the site and type in:
Username: URKidding
Password: reportedtoebay
I used to forward the emails over to Ebay but they are so idiotic about it and tell me all about fraud and phishing and how to prevent it. All I am trying to do is to help them close some of these guys down.
Mark Irving
I have a mind like a steel trap; it is rusty and illegal in 47 states
timjpriebe posted this at 17:24 — 6th April 2005.
He has: 2,667 posts
Joined: Dec 2004
http://www.pcweenies.org/toon_archive.php?toon=705
Fluffi posted this at 10:36 — 8th April 2005.
He has: 38 posts
Joined: Sep 2004
I got the same message, twice, yet I ain't even registered with paypal, never will (no trust here). Bet ya some muppets get fooled though!
pmj7 posted this at 19:29 — 23rd April 2005.
He has: 234 posts
Joined: Nov 2002
Make sure you update FireFox to 1.0.3 so you can see the actual URL when you visit. Earlier versions could read paypal.com but are actually something else, they use international characters to make it look like paypal.com.
Peter
Touchup image processing applet
Pixel Development Web Design, Photography
baldrick posted this at 19:38 — 23rd April 2005.
He has: 388 posts
Joined: Apr 2005
i think this is one of the more clever scam emails emails
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.