Jump to content
HybridZ

Got a scam email posing as 'Paypal"!!!

datsunlover

By datsunlover
in Non Tech Board

 Share

Recommended Posts

datsunlover Newbie

datsunlover

Posted
Posted

Man I was almost another statistic this afternoon.. Got an email from a "service@paypal.com" telling me my paypal acount had 'had unusual activity recently' and therefor had been 'limited'. (???) So I clicked the link, and went to a page that looked like a legit paypal page. It said my acount had been limited, and I would need to log in to 'rectify any issues'. By limited, it explained I could not; send money, put mony on, or even close my acount.

 

Ok.. so I loged in (after having to reset my pasword cause I forgot it..) and get to a page that wants me to give all kinds of info so they can 'Better serve and protect me from fraud'. Here's a few bits I was asked to type in:

 

-my full name and address

-my MOTHERS maiden name

-my BANK account number as it apears on my cheques

-my credit card number (must be the card atached to the listed bank acount)

 

At that point, I got a little freaked out.. so I closed the window. I opened a new one, went directly to the paypal web site, and changed my pasword and security Q's. Funny.. one of the security questions is "mothers maiden name"... hmmm....

Link to comment
Share on other sites
Pop N Wood Newbie

Pop N Wood

Posted
Posted

If you right mouse click on the link included in the email, it will give you the true URL you are logging into. Know that no legitimate company will do what that one asked, but also a good habit is to never click on the link in the email. Type the link in manually or cut and paste it into the address bar.

Link to comment
Share on other sites
datsunlover Newbie

datsunlover

Posted
  • Author
Posted

oh yes, it get better.. I just realised that it's not only one theifing page, but a whole 'spoofed' paypal site! Heres the link I got in my email btw; https://www.paypal.com/security/

 

Nothing malicious when you click the link or anything, but I found this funny; The page that promps you to type your email and pasword.. well, It doesnt matter what email address you put in, OR what you type for a pasword, it just goes to the next page asking for ALL your banking info, social security #, ect. I 'loged in' as someguy@hotmail.com and password 'someguy' I then filled out all the fields.. here's a few I liked..

 

First Name; F*!k initial; u last name; Theives

SIN; 123456789101112 (remember sesame street?)

bank institution; Ricochet savings and loan

bank acount # 666 666 66

 

I did forward the email to paypal with a description of what hapened and just got one back from them confirming it is NOT a paypal site, and it in fact a scam site. Kinda scarry how easy it is though...

Link to comment
Share on other sites
sjhafa Newbie

sjhafa

Posted
Posted

I also received one of those, they usually come only after you sell something and someone sends money. I was on my way to being a victim untill a pop up appeared and said the page I was looking at was associated with a scam. So I never made it to filling in the blanks. Buy you are right, everything down to the correct logos and colors are correct.

Link to comment
Share on other sites
Tim240z Newbie

Tim240z

Posted
Posted

If someone called you on the phone and asked you for that info, would you give it out? I find it quite baffling how secure folks feel on the 'net. Not 'digging' at you DL.....there has been so much in the media lately about phishing....watchout!!

I am still very uncomfortable putting in my CC info into a secure ordering site.....I pucker something fierce! glad you didn't go all the way through!!

Link to comment
Share on other sites
JMortensen Collaborator

JMortensen

Posted
Posted
If someone called you on the phone and asked you for that info' date=' would you give it out? I find it quite baffling how secure folks feel on the 'net. Not 'digging' at you DL.....there has been so much in the media lately about phishing....watchout!!

I am still very uncomfortable putting in my CC info into a secure ordering site.....I pucker something fierce! glad you didn't go all the way through!![/quote']

Really no need to fear the secured server Tim. If something happens you alert the credit card company and they take care of the fraudulent charges for you. And you don't need "credit protector" or any of that BS they try to sell you for protection either. Visa/MC/Amex/Discover all have it built into the MERCHANT agreements. Merchants get the shaft if someone steals your card and uses it fraudulently.

 

Phishing is so commonplace now that I've had several legit emails from my bank that I threw straight in the trash before I even read them assuming they were BS. It's getting harder to see through the crap, but just remember that your bank, Paypal, whoever ALREADY KNOWS your bank info, and wouldn't EVER ask you for that info to verify who you are.

 

More info: http://www.antiphishing.org/consumer_recs.html

Link to comment
Share on other sites
datsunlover Newbie

datsunlover

Posted
  • Author
Posted
If someone called you on the phone and asked you for that info, would you give it out? I find it quite baffling how secure folks feel on the 'net. Not 'digging' at you DL.....there has been so much in the media lately about phishing....watchout!!

 

Oh yah, I understand, I was just amazed the work someone put into this fake site.. I was foolish to click the link int he first place (there was no line at the top addressing me by my first and last name) but didn't think much of it at first. Even typing in my emeil and pasword seamed ok, as the place looked legit. Of course once the next page poped up asking for all my info (oh yah, they want to know your credit card PIN # and social insurance # too.. :roll: ) well, then I got wise to it. I was a little worked up after realizing I was into a scam, and even typing in my card # to the REAL paypal site (to verify my identity, allowing me to change my pasword) was making me nervous.. Even though all apears ok, I'm keeping an eye on my bank and credit card's a little closer for the next while..

Link to comment
Share on other sites
auxilary Newbie

auxilary

Posted
Posted

you guys want to be really freaked out? I mean, REALLY freaked out? Those of you using mozilla/firefox:

 

http://www.shmoo.com/idn/

 

mouse over on paypal.com link. Then CLICK paypal.com link. Look at the URL at the top.

 

Do math, and read the link about IDN info below. This was unveiled 2 weeks ago, and would be an excellent tool for phishing scams.

Link to comment
Share on other sites
Wagz Newbie

Wagz

Posted
Posted
you guys want to be really freaked out? I mean' date=' REALLY freaked out? Those of you using mozilla/firefox:

 

http://www.shmoo.com/idn/

 

mouse over on paypal.com link. Then CLICK paypal.com link. Look at the URL at the top.

 

Do math, and read the link about IDN info below. This was unveiled 2 weeks ago, and would be an excellent tool for phishing scams.

 

Mozilla just released a fix for this:

The Mozilla Foundation released an update on Thursday to the Firefox Web browser to fix several vulnerabilities. One of the bugs that Firefox 1.0.1 fixes is a vulnerability in the Internationalized Domain Names (IDN), which allowed an attacker to create a fake Web site on a non-Microsoft browser in order to pull off a phishing scam.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...