|
|
 The Latest PayPal Phishing Scam
By Robin Laudanski
January 24, 2005
Companies like PayPal have repeatedly been used to target consumers in phishing scams. It isn't because PayPal does anything wrong, it is because they are a widely used company so the chances of finding people who wont double check to see if the email is legit is more likely.
This is the latest PayPal email phishing scam out. In the last 24 hours, I've gotten at least a dozen of these emails. Please note the header information immediately tells us this email is not a legitimate PayPal email.
Return-Path: < wwwuser@ cgi01.plus.net >
Received: from cgi01.plus.net (cgi01.plus.net [195.166.130.120])
by bugsbunny.castlecops.com (8.13.2/8.13.2) with ESMTP id j0OHskGa011385
for <***@*****>; Mon, 24 Jan 2005 12:54:46 -0500
Received: from wwwuser by cgi01.plus.net with local (Exim 4.31; FreeBSD)
id 1Ct8QL-00010m-4Q
for ***@*****; Mon, 24 Jan 2005 17:54:49 +0000
To: email address removed
Subject: PayPal Account Suspended
From: PayPal Service < service@paypal.com >
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id:
Date: Mon, 24 Jan 2005 17:54:49 +0000
X-NOD32Result: clean
X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on
bugsbunny.castlecops.com
X-Spam-Level: ***
X-Spam-Status: No, score=3.8 required=5.6 tests=AWL,BAYES_50,HTML_MESSAGE,
MIME_HTML_ONLY,RCVD_IN_BL_SPAMCOP_NET,REPLY_TO_EMPTY autolearn=no
version=3.0.2
X-Spam-DCCB: sonic.net
X-Spam-DCCR: bugsbunny.castlecops.com 1117; Body=2 Fuz1=2 Fuz2=5
This is the text of the email as it appears in your inbox:
Paypal-Account Alert
 |
| |
| |
| |
Dear
Paypal User, |
| |
|
| |
In accordance
with our major database relocation, we are currently having major
adjustments and updates of user accounts to verify that the informations
you have provided with us during the sign-up process are true and
correct. However, we have noticed some discrepancies regarding your
account at Paypal. Possible causes are inaccurate contact information
and invalid logout process. |
| |
|
| |
We require
you to complete an account verification procedure
as part of our security measure. |
| |
|
| |
You
must click the link below to complete the process. |
| |
https://www.paypal.com/cgi-bin/webscr?cmd=_login-run |
| |
|
| |
Unable
to do so may result to abnormal account behavior during transactions. |
| |
|
| |
Thank
you for using PayPal!
The PayPal Team |
| |
|
| |
Please
do not reply to this e-mail. Mail sent to this address cannot be answered.
For assistance, log in to your PayPal account and choose the "Help"
link in the footer of any page.
PayPal
Email ID PP096 |
|
I've posted this email as is for a reason, that reason is because I want everyone to see the actual formatting of the thing. If you mouse over the PayPal link you'll notice in your status bar that it isn't directing you to PayPal. Instead it is pointing to http://thilo.traeff.ch/paypal. Depending upon which browser you're using http://thilo.traeff.ch/paypal will display slightly differently, it looks much more authentic using Firefox then it does using IE.
A key thing to remember:
If you get an email suggesting your account is being terminated or suspended, check for yourself. Do it in a safe way. What is a safe way? Regardless of what company is listed in the email you get, go directly to their website without clicking on the link in the email! If you can login to the legit site, and there are notifications directly for you, there will be a link to see what they are. If there are server changes, database changes etc going on there will be an announcement somewhere on the site. Protect yourself by being sceptical and doing a little research.
Remember that old saying believe half of what you see and none of what you hear? These kind of emails are perfect examples of why you need to look into it yourself.
|
|
|
 |
|
No Comments Allowed for Anonymous, please register |
|
| |
|
Login |
|
 |
|
|
|
|
· New User? · Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
|
Average Score: 5
Votes: 1
|
|
|
