Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Phishing Alert! Using Paypal


  • Please log in to reply
11 replies to this topic

#1 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:02:16 PM

Posted 28 March 2006 - 01:57 AM

Until today I hadn't been aware of the term phishing, but I almost became a victim of it this morning. I received this email this morning...

You have added mike84@juno.com as a new e-mail address for your account.
If you don't agree with this e-mail and if you need assistance with your account fallow this link:
hxxp://128.134.42.188:2006/www.paypal.com/cgi-bin/webscr_cmd=_login-run


//Mod edit of URL above to protect others.//

Please confirm your information to continue using your account normally.


Copy and paste the link on your internet explorer address bar.
Please do not reply to this e-mail.


Not being familiar what form PayPal uses to email their clients, I used the link to go to the site, and after entering my email address and password to log in, another page immediately came up titled "Security Measures" asking for these items...


Social Security Number:

Mother's Maiden Name:

Full Name:

Card Number: VisaMastercard

Expiration Date: /

CVV2 Number: Card Verification Number (CVV2) is located on the back of your card.

ATM PIN: Electronic Signature (ATM PIN) is required for bank verification.




The first thing that caught my eye was their asking me for my social security number, but the real alarms started going off when I saw that they were requesting my ATM pin number!

I called PayPal, and the first thing the rep asked was how was it addressed, it turns out that they always begin their letters by addressing the individual by name, as you can see this one isn't.

I immediately ran all of my av, spyware, adware, malware...but found nothing, thank you very much.

What I would really like (short of having a little face to face meeting with these $&*#@) is to know how they got my email address, and if it was associated with PayPal as I do have an account with them.

Be aware people...these guys are slick!

Edited by KoanYorel, 28 March 2006 - 10:22 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


BC AdBot (Login to Remove)

 


#2 Mr Alpha

Mr Alpha

  • Members
  • 1,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:01:16 AM

Posted 28 March 2006 - 05:16 AM

They're probably phising (fishing). They got your email the same way spam mailers get it. They send that same message to every email they can get a hold of hoping that somebody is ignorant and trusting enough to give them their information.

The address they sent you to should ring a lot of bells. It doesn't have a domain name, only an IP address, and it is accessing the site through port 2006 (which is enough to make my firewall start screaming).

Honstly though, it is a pretty well done scam, the site looks authentic. They even say that privacy is their main concern and then apologize for the inconvenience.

Have you changed you PayPal password?

You might want to do something about the address, so somebody doesn't click it before they've read your post, and fall for the scam.
"Anyone who cannot form a community with others, or who does not need to because he is self-sufficient [...] is either a beast or a god." Aristotle
Intel Core 2 Quad | XFX 780i SLI | 8GB Corsair | Gigabyte GeForce 8800GTX | Auzentech X-Fi Prelude| Logitech G15 | Logitech MX Revolution | LG Flatron L2000C | Logitech Z-5500 Digital

#3 dc3

dc3

    Bleeping Treehugger

  • Topic Starter

  • Members
  • 30,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:02:16 PM

Posted 28 March 2006 - 11:56 AM

They're probably phising (fishing). They got your email the same way spam mailers get it. They send that same message to every email they can get a hold of hoping that somebody is ignorant and trusting enough to give them their information.

The address they sent you to should ring a lot of bells. It doesn't have a domain name, only an IP address, and it is accessing the site through port 2006 (which is enough to make my firewall start screaming).

Honstly though, it is a pretty well done scam, the site looks authentic. They even say that privacy is their main concern and then apologize for the inconvenience.

Have you changed you PayPal password?

You might want to do something about the address, so somebody doesn't click it before they've read your post, and fall for the scam.


Regarading the port number, should paypals port number been the registered numbers from 1024 through 49151, or the dynamic/personal ports 49152 through 65535?

I canceled my account, I seldom used it, as a matter of fact it had been idle since last Sept.

The only difference to the site is that the first one has the logo, tabs, but has the message that "this page has been moved...", and after you click on it you are taken to the second page which is exactly the same as PayPals, I did a side by side comparison and couldn't see any difference. I suspect that the second page is actually a copy of the real one, and the first page with the disclaimer was a means to circuventing default protection.

Wouldn't it be ironic that they steal my identity, and find that instead of getting my money they get my debts? :thumbsup:

I just glad that I didn't wind up with something real nasty, I just finished reformatting and installing my os.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 rms4evr

rms4evr

  • Members
  • 812 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:East Coast
  • Local time:06:16 PM

Posted 28 March 2006 - 12:17 PM

Glad to hear you're okay! :thumbsup:

Most banks and online services will tell you that they will not ask for that kind of info via email. They know about these scams, take precautions to keep your info safe. Most will have "security questions;" questions that only you would know, like "What is your mother's maiden name?" That way, they know that its really you trying to access that info.

I agree; someone was "phishing" for your info. Glad you didn't bite!!! :flowers:

#5 dc3

dc3

    Bleeping Treehugger

  • Topic Starter

  • Members
  • 30,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:02:16 PM

Posted 28 March 2006 - 01:13 PM

Do any of you know of a good freeware program for bolcking these phishing trips, that's something I would't mind getting hooked on. :thumbsup:

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 frankie12

frankie12

  • Members
  • 941 posts
  • OFFLINE
  •  
  • Location:Michigan
  • Local time:06:16 PM

Posted 28 March 2006 - 07:57 PM

paypal has a toolbar that will tell you if the e-mail really came from them.

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:16 PM

Posted 28 March 2006 - 09:02 PM

EVERYONE WHO USES THE NET SHOULD READ THIS ( I am yelling, just not rudely)

Here's a page with a lot of info on internet shenanigans

http://onguardonline.gov/stopthinkclick.html

If you click on the Phishing icon,on the right site of the page there is info on reporting a Phish.
Down near the bottom of the main article is a link to file a complaint with the FTC.

Home :
http://onguardonline.gov/index.html

You should forward Phishing emails to:

mailto:spam@uce.gov
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 cowsgonemadd3

cowsgonemadd3

    Feed me some spyware!


  • Banned
  • 4,557 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 28 March 2006 - 11:29 PM

This is going on all over ebay. In the past 2 days 4 listings have been bouncing to a page that looks like ebay sign in but its hosted on a free account you can see the url at the top(50 megs)

They have all been removed quickly one even had a topless woman in the gallery pic! I mean I hate to go on ebay doing a search and get porno...

Im glad ebay seemed to have been tipped off quick on all the cases.

Be very careful and I never give out anything other than my address.

#9 Mr Alpha

Mr Alpha

  • Members
  • 1,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:01:16 AM

Posted 29 March 2006 - 03:45 PM

Regarading the port number, should paypals port number been the registered numbers from 1024 through 49151, or the dynamic/personal ports 49152 through 65535?

Should have been using port 80 and 443.

Do any of you know of a good freeware program for bolcking these phishing trips, that's something I would't mind getting hooked on. :thumbsup:

There is an anti-phishing extension for Firefox made by Google, here. I haven't tried it so I don't know anything about it though.
"Anyone who cannot form a community with others, or who does not need to because he is self-sufficient [...] is either a beast or a god." Aristotle
Intel Core 2 Quad | XFX 780i SLI | 8GB Corsair | Gigabyte GeForce 8800GTX | Auzentech X-Fi Prelude| Logitech G15 | Logitech MX Revolution | LG Flatron L2000C | Logitech Z-5500 Digital

#10 dc3

dc3

    Bleeping Treehugger

  • Topic Starter

  • Members
  • 30,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:02:16 PM

Posted 29 March 2006 - 10:45 PM

Regarading the port number, should paypals port number been the registered numbers from 1024 through 49151, or the dynamic/personal ports 49152 through 65535?

Should have been using port 80 and 443.

Do any of you know of a good freeware program for bolcking these phishing trips, that's something I would't mind getting hooked on. :thumbsup:

There is an anti-phishing extension for Firefox made by Google, here. I haven't tried it so I don't know anything about it though.


Thanks for the link, I'll try it out and let you know, I use Firefox so this is good for me. I had another phisher this afternoon, this one stated that they were from the Microsoft E-mail Lottery Promotion, and that I had won eight hundred thousand Euros... :flowers: yeah, when donkeys fly, poor example, with enough propulsion you can make a brick fly, just look at some of our jets.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 dc3

dc3

    Bleeping Treehugger

  • Topic Starter

  • Members
  • 30,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:02:16 PM

Posted 30 March 2006 - 01:08 AM

Mr. Alpha...I downloaded the anti-phishing extension for Firefox made by Google, and it works great, thank you very much. :thumbsup:

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#12 Albert Frankenstein

Albert Frankenstein

  • Members
  • 2,707 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Michigan, USA
  • Local time:06:16 PM

Posted 30 March 2006 - 11:01 AM

Some general info regarding Phishing can be found HERE, along with real examples of phishing emails.
ALBERT FRANKENSTEIN
I'M SO SMART IT'S SCARY!


Currently home chillin' with the fam and my two dogs!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users