[Cialug] PayPal security fraud

timwilson011 at mchsi.com timwilson011 at mchsi.com
Mon Jul 18 19:52:29 CDT 2005


Be careful even clicking on the link.  There could be a hidden parameter that
would identify the recipient's e-mail address.  Yeah, they don't have your
Paypal account, but now they have an e-mail address.  And since you clicked on
the link, you may have a Paypal account.  One step closer to hacking your
account.  Now all they have to get is your mother's maiden name (or something
equally easy to find) to ask Paypal to reset your password.  If nothing else,
they've farmed an e-mail address to send spam to.

On a similar note, I wish Mediacom's web mail would allow me to not show html
graphics.  That's a not-so-nice way of getting addresses.  Just opening the
e-mail says they got a valid address.

While I'm on my soapbox, I get a lot of SPAM to both this address and another
address.  Both of which get and send e-mail from/to the LUG list.  Can you say
address farming?  Yes, we attempt to hide the address, but for all of those
clients that say "(insert e-mail address here) wrote:" instead of saying "You
wrote:" or "Tim wrote", or something similar.  I wish e-mail clients would at
least obfuscate "from" addresses in replies.

--
Tim W.


> you know how i check this stuff?  always login with incorrect stuff on 
> purpose the first time that link asks you for information. if it lets 
> you in, then its bogus. username: bill.gates at microsoft.com and password: 
> jihad will get you in 100% of the time. if that doesn't spell bogus, 
> then i don't know what it is. never ever use the real login unless your 
> sure that its the real deal.  i wish people would fill up the databases 
> that those idiot phishers store that stuff in. theoretically it wouldn't 
> take much. i highly doubt they have anti-spam protection built into 
> their evil little phishing sites.
> 
> 
> 
> 
> Cesar Mendoza wrote:
> 
> >Hi,
> >
> >The practice is called phishing and if you look at the source code of
> >the HTML email you are going to find out that the link doesn't point to
> >a Paypal server. They just want to steal your account info if you happen
> >to have one and fall for the trick.
> >
> >Bye
> >Cesar Mendoza
> >http://www.kitiara.org
> >--
> >"The fate of all mankind I see
> >Is in the hands of fools."
> >  --King Crimson, Epitaph
> >
> >
> >On Mon, Jul 18, 2005 at 03:39:49PM -0500, Allen Kiddoo wrote:
> >  
> >
> >>Group-
> >>
> >>Just got 2 emails from this idiot-
> >>One problem- I don't have a paypal account.
> >>
> >>Sounds real but I know it isn't.
> >>You might want to fore warn others.
> >>
> >>Allen Kiddoo
> >>Muscatine
> >>---------------------------------------
> >>---------- Forwarded Message -----------
> >>From: security at paypal.com <service at paypal.com>
> >>To: info at iowaprint.com
> >>Sent: 19 Jul 2005 00:29:08 +0900
> >>Subject: Urgent PayPal security notification
> >>
> >>Security Center Advisory!
> >>
> >> We recently noticed one or more attempts to log in to your PayPal account
> >>from a foreign IP address and we have reasons to belive that your account was
> >>hijacked by a third party without your authorization. If you recently accessed
> >>your account while traveling, the unusual log in attemptsmay have been
> >>initiated by you.
> >>
> >>If you are the rightful holder of the account you must click the link below
> >>and then complete all steps from the following page as we try to verify your
> >>identity.
> >>
> >> Click here to verify your account
> >>
> >>If you choose to ignore our request, you leave us no choise but to temporaly
> >>suspend your account.
> >>
> >>Thank you for using PayPal! The PayPal Team
> >>
> >>-----------------------------------------------------------------------
> >>
> >> Please do not reply to this e-mail. Mail sent to this address cannot be
> >>answered. For assistance, log in to your PayPal account and choose the "Help"
> >>link in the footer of any page.
> >>To receive email notifications in plain text instead of HTML, update your
> >>preferences here.
> >>
> >>PayPal Email ID PP697
> >>
> >> Protect Your Account Info
> >>
> >>Make sure you never provide your password to fraudulent persons.
> >>
> >>PayPal automatically encrypts your confidential information using the Secure
> >>Sockets Layer protocol (SSL) with an encryption key length of 128-bits (the
> >>highest level commercially available).
> >>
> >>PayPal will never ask you to enter your password in an email.
> >>
> >>For more information on protecting yourself from fraud, please review our
> >>Security Tips at http://www.paypal.com/securitytips
> >>
> >> Protect Your Password
> >>
> >> You should never give your PayPal password to anyone, including PayPal 
> employees.
> >>------- End of Forwarded Message -------
> >>
> >>
> >>-----------------
> >>Time wounds all heels.
> >>
> >>_______________________________________________
> >>Cialug mailing list
> >>Cialug at cialug.org
> >>http://cialug.org/mailman/listinfo/cialug
> >>    
> >>
> >
> >_______________________________________________
> >Cialug mailing list
> >Cialug at cialug.org
> >http://cialug.org/mailman/listinfo/cialug
> >  
> >
> 
> 
> 
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug


More information about the Cialug mailing list