[Cialug] PayPal security fraud

Cesar Mendoza mendoza at kitiara.org
Mon Jul 18 16:28:29 CDT 2005 

Hi,

The practice is called phishing and if you look at the source code of
the HTML email you are going to find out that the link doesn't point to
a Paypal server. They just want to steal your account info if you happen
to have one and fall for the trick.

Bye
Cesar Mendoza
http://www.kitiara.org
--
"The fate of all mankind I see
Is in the hands of fools."
  --King Crimson, Epitaph


On Mon, Jul 18, 2005 at 03:39:49PM -0500, Allen Kiddoo wrote:
> Group-
> 
> Just got 2 emails from this idiot-
> One problem- I don't have a paypal account.
> 
> Sounds real but I know it isn't.
> You might want to fore warn others.
> 
> Allen Kiddoo
> Muscatine
> ---------------------------------------
> ---------- Forwarded Message -----------
> From: security at paypal.com <service at paypal.com>
> To: info at iowaprint.com
> Sent: 19 Jul 2005 00:29:08 +0900
> Subject: Urgent PayPal security notification
> 
> Security Center Advisory!
> 
>  We recently noticed one or more attempts to log in to your PayPal account
> from a foreign IP address and we have reasons to belive that your account was
> hijacked by a third party without your authorization. If you recently accessed
> your account while traveling, the unusual log in attemptsmay have been
> initiated by you.
> 
> If you are the rightful holder of the account you must click the link below
> and then complete all steps from the following page as we try to verify your
> identity.
> 
>  Click here to verify your account
> 
> If you choose to ignore our request, you leave us no choise but to temporaly
> suspend your account.
> 
> Thank you for using PayPal! The PayPal Team
> 
> -----------------------------------------------------------------------
> 
>  Please do not reply to this e-mail. Mail sent to this address cannot be
> answered. For assistance, log in to your PayPal account and choose the "Help"
> link in the footer of any page.
> To receive email notifications in plain text instead of HTML, update your
> preferences here.
> 
> PayPal Email ID PP697
> 
>  Protect Your Account Info
> 
> Make sure you never provide your password to fraudulent persons.
> 
> PayPal automatically encrypts your confidential information using the Secure
> Sockets Layer protocol (SSL) with an encryption key length of 128-bits (the
> highest level commercially available).
> 
> PayPal will never ask you to enter your password in an email.
> 
> For more information on protecting yourself from fraud, please review our
> Security Tips at http://www.paypal.com/securitytips
> 
>  Protect Your Password
> 
>  You should never give your PayPal password to anyone, including PayPal employees.
> ------- End of Forwarded Message -------
> 
> 
> -----------------
> Time wounds all heels.
> 
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug

More information about the Cialug mailing list