Fraudulent PayPal e-mail

Kreth

Grandmaster
MTS Alumni
Joined
Aug 26, 2003
Messages
6,980
Reaction score
86
Location
Oneonta, NY
Occasionally I skim through my bulk e-mail folder on my Yahoo account, just to be sure that the spam filters haven't incorrectly marked any valid e-mails as spam. Today, I found an e-mail from "PayPal" indicating that my account had been randomly flagged as a security precaution, and that I needed to login to verify my account. However, the link listed in the e-mail leads to this site (Note: DO NOT login at this link!). The actual PayPal login is located here. The first link is a fake website. If you login at this site, you are basically donating the contents of your PayPal account to some scumbag.
Have some fun with it. Personally, I logged in with the e-mail address nicetry@spammer.com and an obscene password incorporating a commonly used Anglo-Saxon word for sexual congress and the wish that the scumbag in charge of the site would soon expire. If enough people taint the scammers database with fake passwords, they'll be forced to trash the whole thing...
BTW, no matter how you login, your login will fail with a message that your e-mail address is not in their database.
The moral of this post: e-mails requesting a login for "verification purposes" are generally fake and used to scam the unsuspecting out of their login information. Always verify that the site you're visiting is the authentic one.

Jeff
 

arnisador

Sr. Grandmaster
MTS Alumni
Joined
Aug 28, 2001
Messages
44,564
Reaction score
438
Location
Terre Haute, IN
Got the same one today. Sheesh! They're getting better at making these look official--this one was a good forgery.
 

Ping898

Senior Master
Lifetime Supporting Member
Joined
Apr 12, 2004
Messages
3,669
Reaction score
25
Location
Earth
Got to be careful with these though cause a lot of the sites also have an underlying malcode that is auto downloaded just by visiting the site.
 

Ceicei

Grandmaster
MT Mentor
Joined
Apr 23, 2003
Messages
6,775
Reaction score
85
Location
Utah
Pay attention to the headers of these emails. If the headers show anything unusual (such as an IP address) that doesn't match the actual website location, chances are that it is fake or a scam. These emails often borrow the actual webpage to lend an authentic appearance but just change the links to redirect the requested information.

I got one from Paypal also a few weeks ago. Just recently, I got a similar email, but this time, it was supposedly from eBay requesting for "account verification to prevent suspension". It looks very authentic, but the way it was worded made me very suspicious.

My husband is a computer technician and he taught me to look closely at headers, use "whois" and if necessary, have him check out IP addresses to see if they match. When in doubt, can always call the legitimate company directly.

Most of the time, whenever I see one of these that make unsolicited inquiries about any sort of accounts by email, I just toss it in my trash and not bother any more about it. Plain junk....

- Ceicei
 

James Kovacich

Senior Master
Lifetime Supporting Member
Joined
Dec 4, 2002
Messages
2,900
Reaction score
50
Location
San Jose, Ca.
I get those quite a bit. They take my email from my website and try to trick me. But my sites email has no connection to my paypal usage.

Thats how I caught on to them.
 

arnisador

Sr. Grandmaster
MTS Alumni
Joined
Aug 28, 2001
Messages
44,564
Reaction score
438
Location
Terre Haute, IN
Yeah, that's the trick. I register for these with my HotMail address, so anything I get at my actual address(es) is clearly spam.
 

Cthulhu

Senior Master
Founding Member
MTS Alumni
Joined
Sep 1, 2001
Messages
4,526
Reaction score
27
Location
Florida
This is a scam called 'phishing', where naughty people pretend to be financial institutions or whatnot and send out e-mails warning their customers of 'security' issues. Some of them actually warn the customers about the very scam they're trying to pull.

It's really bad if you use Internet Explorer, because there is supposedly some way they can spook the URL in the address bar so it looks like you're logging onto a legitimate site, but the actual IP is to a bogus site.

Just keep in mind (and spread the word) that no bank or other such financial institution/business would EVER require you to do that. If anything, they would have you call them for account maintenance like that so they could verify you as the actual card/account holder before changing any information. Furthermore, most if not all of these businesses would not actually store your password on file, so if you lost it, they would just reset the password and e-mail it to you or something.

A LOT of elderly people seem to fall for this because they simply do not know that those e-mails are not legitimate practice. If you know people who frequent the Internet but are not hip to the various fraud practices out there, be sure to let them know NOT to answer any e-mail like that.

Cthulhu
 

arnisador

Sr. Grandmaster
MTS Alumni
Joined
Aug 28, 2001
Messages
44,564
Reaction score
438
Location
Terre Haute, IN
Seig said:
What I did when I got that was ignored the link and went directly to the site.
I felt safe because I was on a Unix machine (and at work, so it'd be someone else's job to fix it anyway! :)) but otherwise I'd say the same.
 

ed-swckf

Black Belt
Joined
Aug 28, 2004
Messages
691
Reaction score
1
Location
uk
Ping898 said:
Got to be careful with these though cause a lot of the sites also have an underlying malcode that is auto downloaded just by visiting the site.
people have gone to the site and picked up JS:Trojan.blinder as i am aware.
 

Dronak

Black Belt
Founding Member
Joined
Oct 25, 2001
Messages
646
Reaction score
15
Location
College Park, MD, USA
For me personally, there's no issue here -- I don't have a PayPal account, so almost any e-mail I get claiming to be from PayPal is going to be a forgery. I do have to watch sometimes for eBay e-mails though; I do have an account with them and still get some fake mails claiming to be from them. But Yahoo's filters are pretty good. With the exceptions of a few mailing lists I haven't (or forgot to) clear, I think everything that's gone to the bulk folder has been spam. What I'm a little surprised at is that they still haven't quite gotten the hang of filtering out those Nigerian scams, the ones where some lawyer claims there's like tens of millions of dollars available to the next-of-kin of a dead person and if you help them liberate the money (because there is no legitimate next-of-kin), you'll get some percentage of the money that usually still amounts to millions. A lot of them have been making their way to my inbox and I keep reporting them to Yahoo as spam. They'll figure it out eventually, I guess.
 

Pale Rider

Green Belt
Joined
Jul 7, 2004
Messages
174
Reaction score
3
Here is one from a "fake"

Dear PayPal Member,

Your account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your PayPal account and to ensure a safe PayPal experience. We require all flagged accounts to verify their information on file with us. To verify your Information at this time, please visit our secure server webform by clicking the hyperlink below

Here is one from Pay Pal

[font=verdana, verdana]
Dear Bill Richards,

Welcome to PayPal, the easy and affordable way to accept credit card payments online. If you're unfamiliar with PayPal, you probably have questions about the service and the best ways to use it for your business. We've created a document to help.

If you notice the fakes will only say "Dear Pay Pal Member"

Make sure that any emails sent to you from Pay Pal actually say "Your Name"
If you have any doubts then go straight to their login page and DO NOT click on any links sent to your emails.

I sent Pay Pal an email asking them about that and that is exactly what they told me. The fake ones will say 99% of the time - Dear Pay Pal Member...and Pay Pal doesn't

I hope this helps
[/font]
 
A

Andy Cap

Guest
In the end if you are concerned that an email from Paypal, Ebay, Hotmail, Credit card, etc is false - then log onto their site not using any links from teh email. in other words if iget an email from Ebay and I am at all concerned that it may be a legit email, I open up firefox and go to ebay.com and log into my account and see if they left me any messages there.
 

Andrew Green

Grandmaster
MTS Alumni
Joined
Aug 1, 2004
Messages
8,628
Reaction score
448
Location
Winnipeg MB
arnisador said:
I felt safe because I was on a Unix machine (and at work, so it'd be someone else's job to fix it anyway! :)) but otherwise I'd say the same.

Being on a Unix system doesn't in any way protect you from phishing scams, it "should" protect you from Trojans though as none target it (yet)

One of the most common ways of doing bad things to people on line is getting them to do something that "feels safe"....

My boss actually almost feel for a phishing scam a little while back. After explaining what it was I then proceeded to class where I was giving a test. Coincidentally there was a question on Phishing scams :D

Anyways, no financial institution is ever going to send you a e-mail asking you to enter your account info. They are all well aware of phishing scams and how common they are, for that reasons most have a policy that they will not contact you through e-mail asking for such info.

Spoofing an e-mail adress is not hard to do. Hell they can even make it look like you are on the actual site based on first glance at your adress bar...

Here's one simple trick:

www.paypal.com/login?some important looking info@real adress

The real adress is of course well outside the visible section on your adress bar, and everything before the "@" get ignored as a username.

Firefox will "should" give you a warning if you go to a site with a "@" in the address, not sure about IE.
 
Top