Announcement

Collapse
No announcement yet.

paypal scam mails

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • paypal scam mails

    Today, I got this mail:
    Dear PayPal user,

    Following problems with our site,
    We Recommended you to update your account
    as soon as possible..

    The update will be just for secure only.

    You must click the link below and enter your password on the following page to update your account.

    Click here to update your account

    You can also confirm your email address by logging into your PayPal account at https://www.paypal.com/us. Click on the "Confirm email" link in the Activate Account box and then enter this confirmation number: 0419-9201-5791-2114-2019

    Thank you for using PayPal!
    The PayPal Team
    The mail looks exactly like paypal stuff (logos, fonts), it even as the paypal security warning (stating that you should never give out your password !), ...

    However, the link they refer to doesn't seem to be owned by paypal (found this on samspade):
    Domain Name: KAMIKAZA.BIZ
    Domain ID: D7487051-BIZ
    Sponsoring Registrar: ENOM INC.
    Domain Status: ok
    Registrant ID: 3E0CBE3333EEDB84
    Registrant Name: raghuveer Sankineni
    Registrant Address1: 1207 woodcrest ave
    Registrant City: Safety harbor
    Registrant State/Province: FL
    Registrant Postal Code: 34695
    Registrant Country: United States
    Registrant Country Code: US
    Registrant Phone Number: 1.7277235593

    Add to this that I once tried to register at paypal (it failed, so I never even entered my visa-card), but not using this emailaddress...

    So, be carefull ...


    Jörg
    pixar
    Dream as if you'll live forever. Live as if you'll die tomorrow. (James Dean)

  • #2
    Phishing is almost as common as most other scams. Does anyone ever fall for it?
    Brian (the devil incarnate)

    Comment


    • #3
      I hope not, but I was shocked at how realistically it looked. I haven't tried the link, but if it looks similar to the paypal site, I can imagine some people might fall for it...


      Jörg
      pixar
      Dream as if you'll live forever. Live as if you'll die tomorrow. (James Dean)

      Comment


      • #4
        I actually got one of these that was so good, I had to look at the message source HTML to see that it was fake.

        They actually would update the status bar with ebay links (using OnMouseOver or some such), but the links themselves were to some specific IP address, not ebay.

        I'm not surprised people fall for these.

        - Steve

        Comment


        • #5
          They're getting very good. Had one about Barclays that had the https and even the secure padlock was displayed.
          Basically a direct copy.
          Looking at the source and it was login that gave the game away plus the fact Barclays don't have mine work email address.
          Chief Lemon Buyer no more Linux sucks but not as much
          Weather nut and sad git.

          My Weather Page

          Comment


          • #6
            I see this type of thing a lot.

            It troubles me to think of the type of person who would conduct a scam like this.
            P.S. You've been Spanked!

            Comment


            • #7
              Wow! Samspade is awesome! I pulled this up on an eBay phish I recieved a couple of days ago:

              Server Used: [ whois.yesnic.com ]

              pornosin.com = [ 218.149.84.41 ] -----------------------------------------------
              Queried Domain Information as follows
              -----------------------------------------------
              Domain Name : pornosin.com
              : :Registrant: :
              Name : choi ji suk
              Email : this9003@yahoo.co.kr
              Address : Hak-dong Tong-gu Kwangju Korea
              Zipcode : 501190
              Nation : KR
              Tel : 82-032-213-1231
              Fax : 82-032-213-1231
              : :Administrative Contact: :
              Name : choi ji suk
              Email : 0000
              Address : Hak-dong Tong-gu Kwangju Korea
              Zipcode : 501190
              Nation : KR
              Tel : 82-032-213-1231
              Fax : 82-032-213-1231
              : :Technical Contact: :
              Name : Whois
              Email : whois@whois.co.kr
              Address : Seobuk Building 740-3 Yeoksam-dong
              Zipcode : 135080
              Nation : KR
              Tel : 82-02-557-4259
              Fax : 82-02-3484-4701
              : :Name Servers: :
              ns.zifukssa.com
              ns1.whoisweb.net
              : ates & Status: :
              Created Date 2004-01-25 19: 20: 45 EST
              Updated Date 2004-01-25 19: 20: 45 EST
              Valid Date 2005-01-25 19: 20: 45 EST
              Status ACTIVE

              I forwarded the message to eBay security and forgot about it. What are the chances that the Korean authorities already have this information?

              Kevin

              Comment

              Working...
              X