Phishing alert

Question

dcc 88 Posting Virtuoso

18 Years Ago

Until today I hadn't been aware of the term phishing, but I almost became a victim of it this morning. I received this email this morning...

You have added mike84@juno.com as a new e-mail address for your account.
If you don't agree with this e-mail and if you need assistance with your account fallow this link:
malicious link removed by moderator. Suffice it to say, it is a web address faked to look like paypal's

Please confirm your information to continue using your account normally.

Copy and paste the link on your internet explorer address bar.
Please do not reply to this e-mail.

Not being familiar what form PayPal uses to email their clients, I used the link to go to the site, and after entering my email address and password to log in, another page immediately came up titled "Security Measures" asking for these items...

Social Security Number:

Mother's Maiden Name:

Full Name:

Card Number: VisaMastercard

Expiration Date: /

CVV2 Number: Card Verification Number (CVV2) is located on the back of your card.

ATM PIN: Electronic Signature (ATM PIN) is required for bank verification.

The first thing that caught my eye was their asking me for my social security number, but the real alarms started going off when I saw that they were requesting my ATM pin number!

I called PayPal, and the first thing the rep asked was how was it addressed, it turns out that they always begin their letters by addressing the individual by name, as you can see this one isn't.

I immediately ran all of my av, spyware, adware, malware...but found nothing, thank you very much.

What I would really like (short of having a little face to face meeting with these $&*#@) is to know how they got my email address, and if it was associated with PayPal as I do have an account with them.

Be aware people...these guys are slick!

7 Contributors
13 Replies
224 Views
2 Days Discussion Span
Latest Post 18 Years Ago Latest Post by nizzy1115

All 13 Replies

alc6379 120 Cookie... That's it

18 Years Ago

Hi there,

Thanks for the information. However, I went ahead and removed the actual IP address from your quote, so others will not click on it, and fall victim to the ploy.

Since you have an IP address, you might want to consider calling the police. I'm sure they might be interested in having the IP address of a site like that.

server_crash 64 Postaholic

18 Years Ago

Funny. I've got a gmail account and recieve hundreds of these things. I can easily decipher the phishers because I don't use my gmail account, and they talk like this:

Hello pleas

Enter. your'e password and whatyour usernames........

I send you eleventy hundred dollers i promise!

BeastOverlordH6 0 Posting Whiz in Training

18 Years Ago

"haRRY POTTR BOOK 6 ON SAL"
"paypal acount verication"

-"Harry" is now on the filter list, as with those charming PayPal folk.-

Vinoth 0 Junior Poster

18 Years Ago

interesting thread,

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

dcc 88 Posting Virtuoso · Answer 1 · 2006-03-28T22:06:46+00:00

"haRRY POTTR BOOK 6 ON SAL"
"paypal acount verication"

-"Harry" is now on the filter list, as with those charming PayPal folk.-

Cute bo :lol: , but as you can see from my post, this was a very well written and staged product, I did a side by side comparison of the real paypal site and the one the phishers were using, and they are the same, the only difference is that with the phisher first page has a sign stating "this Page Has Been Moved", it has the proper PayPal logo and header including tabs.

Alex, I had left it in because it is a benighn site as long as you don't provide the information they're requesting. I did report this to my bank and inturn their fraud department. With what I was able to glean on line, calling the police isn't really going to accomplish much of anything, especially when you are dealing with the sherif department in a small rural town. As servercrash was alluding to, theses people are pretty well insulated being in some third world country.

server_crash...what can I say, once again you are phishing with a larger pole and obviously going to make the bigger catch, I'm humbled by your prowess. :lol: Just for the record, this is the first and only phishing trip I have seen, they just lucked out and chose something I actually had an account for, otherwise I wouldn't have even looked at it.

nizzy1115 14 Practically a Posting Shark · Answer 2 · 2006-03-29T00:14:01+00:00

As always what paypal says, they will never ever ask for your name / password. EVER. And never ever click on links from emails, always type into web browsers.

Also, try out microsofts ie 7. It includes a phishing filter that checks websites automomatically for you. I have been using it since last july when it came out and it works really well. I've never had an issue with it crashing or anything.

dcc 88 Posting Virtuoso · Answer 3 · 2006-03-29T00:27:47+00:00

As always what paypal says, they will never ever ask for your name / password. EVER. And never ever click on links from emails, always type into web browsers.
Also, try out microsofts ie 7. It includes a phishing filter that checks websites automomatically for you. I have been using it since last july when it came out and it works really well. I've never had an issue with it crashing or anything.

Thank you, this is what I was hoping to hear, good advice, and a way to protect myself. I saw the MS program on line, but wanted to hear from someone who had used it before I download it.

DanceInstructor 19 Posting Whiz · Answer 4 · 2006-03-29T02:19:54+00:00

A tad off topic, but this is a great site about scams etc: http://www.419eater.com/

BeastOverlordH6 0 Posting Whiz in Training · Answer 5 · 2006-03-30T03:40:05+00:00

"I SEND YOU TWENTITY TOUSAND DOLLARS, I PROMISE!!!!!111!!!!1!!!"

"OMG VIAGRA"

"ROFLCOPTER Deluxe Edition - $29.99 + shipping & handling"

They were gonna send twentity thousand. How kind. Señor servar_crash only got eleventy hunderd.

dcc 88 Posting Virtuoso · Answer 6 · 2006-03-30T09:33:50+00:00

Good timing on this BeastOverlordH6, I just found an e-mail form the Microsoft E-mail Lottery Promotion annoucing that I have just won eight hundered thousand Euros! Dang, things are getting slimy here, I need to find some sort of filter for this cr@p.

alc6379 120 Cookie... That's it Team Colleague · Answer 7 · 2006-03-30T09:58:42+00:00

Alex, I had left it in because it is a benighn site as long as you don't provide the information they're requesting. I did report this to my bank and inturn their fraud department. With what I was able to glean on line, calling the police isn't really going to accomplish much of anything, especially when you are dealing with the sherif department in a small rural town. As servercrash was alluding to, theses people are pretty well insulated being in some third world country.

Good job.

The thing to keep in mind with sites like those is that if they're unscrupulous enough to do things like this, they're also probably dirty enough to perform drive-by software installations. Next thing you know, BLAM- you've got spyware, and identity theft.

dcc 88 Posting Virtuoso · Answer 8 · 2006-03-30T12:22:41+00:00

For those of you who are interested, I found an anti-Phishing extension for Firefox which is made by Google. I downloaded it, and it works great.

http://www.google.com/tools/firefox/safebrowsing/index.html

nizzy1115 14 Practically a Posting Shark · Answer 9 · 2006-03-30T12:26:56+00:00

What in the heck doesn't google make?!?! That is one crazy company for sure.

I'll have to try this though.

Phishing alert

Recommended Answers Collapse Answers

All 13 Replies

Recommended Answers