0

Until today I hadn't been aware of the term phishing, but I almost became a victim of it this morning. I received this email this morning...

You have added mike84@juno.com as a new e-mail address for your account.
If you don't agree with this e-mail and if you need assistance with your account fallow this link:
malicious link removed by moderator. Suffice it to say, it is a web address faked to look like paypal's

Please confirm your information to continue using your account normally.


Copy and paste the link on your internet explorer address bar.
Please do not reply to this e-mail.

Not being familiar what form PayPal uses to email their clients, I used the link to go to the site, and after entering my email address and password to log in, another page immediately came up titled "Security Measures" asking for these items...

Social Security Number:

Mother's Maiden Name:

Full Name:

Card Number: VisaMastercard

Expiration Date: /

CVV2 Number: Card Verification Number (CVV2) is located on the back of your card.

ATM PIN: Electronic Signature (ATM PIN) is required for bank verification.

The first thing that caught my eye was their asking me for my social security number, but the real alarms started going off when I saw that they were requesting my ATM pin number!

I called PayPal, and the first thing the rep asked was how was it addressed, it turns out that they always begin their letters by addressing the individual by name, as you can see this one isn't.

I immediately ran all of my av, spyware, adware, malware...but found nothing, thank you very much.

What I would really like (short of having a little face to face meeting with these $&*#@) is to know how they got my email address, and if it was associated with PayPal as I do have an account with them.

Be aware people...these guys are slick!

7
Contributors
13
Replies
14
Views
11 Years
Discussion Span
Last Post by nizzy1115
0

Hi there,

Thanks for the information. However, I went ahead and removed the actual IP address from your quote, so others will not click on it, and fall victim to the ploy.

Since you have an IP address, you might want to consider calling the police. I'm sure they might be interested in having the IP address of a site like that.

0

Funny. I've got a gmail account and recieve hundreds of these things. I can easily decipher the phishers because I don't use my gmail account, and they talk like this:


Hello pleas

Enter. your'e password and whatyour usernames........

I send you eleventy hundred dollers i promise!

0

"haRRY POTTR BOOK 6 ON SAL"
"paypal acount verication"


-"Harry" is now on the filter list, as with those charming PayPal folk.-

0

"haRRY POTTR BOOK 6 ON SAL"
"paypal acount verication"


-"Harry" is now on the filter list, as with those charming PayPal folk.-

Cute bo :lol: , but as you can see from my post, this was a very well written and staged product, I did a side by side comparison of the real paypal site and the one the phishers were using, and they are the same, the only difference is that with the phisher first page has a sign stating "this Page Has Been Moved", it has the proper PayPal logo and header including tabs.

Alex, I had left it in because it is a benighn site as long as you don't provide the information they're requesting. I did report this to my bank and inturn their fraud department. With what I was able to glean on line, calling the police isn't really going to accomplish much of anything, especially when you are dealing with the sherif department in a small rural town. As servercrash was alluding to, theses people are pretty well insulated being in some third world country.

server_crash...what can I say, once again you are phishing with a larger pole and obviously going to make the bigger catch, I'm humbled by your prowess. :lol: Just for the record, this is the first and only phishing trip I have seen, they just lucked out and chose something I actually had an account for, otherwise I wouldn't have even looked at it.

0

As always what paypal says, they will never ever ask for your name / password. EVER. And never ever click on links from emails, always type into web browsers.

Also, try out microsofts ie 7. It includes a phishing filter that checks websites automomatically for you. I have been using it since last july when it came out and it works really well. I've never had an issue with it crashing or anything.

0

As always what paypal says, they will never ever ask for your name / password. EVER. And never ever click on links from emails, always type into web browsers.

Also, try out microsofts ie 7. It includes a phishing filter that checks websites automomatically for you. I have been using it since last july when it came out and it works really well. I've never had an issue with it crashing or anything.

Thank you, this is what I was hoping to hear, good advice, and a way to protect myself. I saw the MS program on line, but wanted to hear from someone who had used it before I download it.

0

"I SEND YOU TWENTITY TOUSAND DOLLARS, I PROMISE!!!!!111!!!!1!!!"

"OMG VIAGRA"

"ROFLCOPTER Deluxe Edition - $29.99 + shipping & handling"

They were gonna send twentity thousand. How kind. SeƱor servar_crash only got eleventy hunderd.

0

Good timing on this BeastOverlordH6, I just found an e-mail form the Microsoft E-mail Lottery Promotion annoucing that I have just won eight hundered thousand Euros! Dang, things are getting slimy here, I need to find some sort of filter for this cr@p.

0

Alex, I had left it in because it is a benighn site as long as you don't provide the information they're requesting. I did report this to my bank and inturn their fraud department. With what I was able to glean on line, calling the police isn't really going to accomplish much of anything, especially when you are dealing with the sherif department in a small rural town. As servercrash was alluding to, theses people are pretty well insulated being in some third world country.

Good job.

The thing to keep in mind with sites like those is that if they're unscrupulous enough to do things like this, they're also probably dirty enough to perform drive-by software installations. Next thing you know, BLAM- you've got spyware, and identity theft.

0

What in the heck doesn't google make?!?! That is one crazy company for sure.

I'll have to try this though.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.