Results 1 to 3 of 3

Thread: Paypal phishing scam alert

  1. #1
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber

    Exclamation Paypal phishing scam alert

    Just received an email which on inspection is an attempt to capture Paypal login details from the unwary:
    Personal Account Identity Verification


    We recently reviewed your account, and suspect that your PayPal account may have been accessed by an unauthorized third party. Protecting the security of your account and of the PayPal network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive PayPal account features.

    To restore your account access, please take the following steps to ensure that your account has not been compromised:

    1. Confirm your identity by completing the account verification process.

    2. Click the "Submit" button at the bottom of the page.You will be taken to the Data Security and Encryption page.

    3. Login to your PayPal account and review your recent account history for any unauthorized payments sent or received, and check your account profile to make sure not changes have been made. If any unauthorized activity has taken place on your account, report this to PayPal immediately.

    To get started, please click the link below:

    https://www.paypal.com/cgi-bin/webscr?cmd=account-verification-run

    For more information about how to protect your account, please visit PayPal's Security Center, accessible via the "Security Center" link located at the bottom of each page of the PayPal website.

    We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire PayPal system. Thank you for your prompt attention to this matter.


    Thank You,
    The PayPal Team

    Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the header of any page.
    The hyperlink source code actually points to:
    http://www.paypal.com%00@goodyes.com/abm/imgs/anim3/index.htm
    They are using images in the HTML email which reference the genuine www.paypal.com site.

    This is exactly why I despise HTML as an email format, and it is also why I use a separate email address for my various online services - this one was addressed to my personal email address so I know it's not genuine.

    FYI this is attempting to take advantage of a hole in IE which displays the URL in the browser only as far as the null code (%00) - it has been fixed (by removing support for "user:password@site" format URLs) so if you're up to date with Windows Updates then you should be okay.


    Edit:
    Silly automatic URL parsing turned itself back on after preview, d'oh
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

  2. #2
    Raging Bull DeludedGuy's Avatar
    Join Date
    Dec 2003
    Location
    London
    Posts
    2,594
    Thanks
    112
    Thanked
    76 times in 55 posts
    • DeludedGuy's system
      • Motherboard:
      • Gigabyte H87M-HD3
      • CPU:
      • Core i5 4440
      • Memory:
      • 8GB DDR3 1800mhz
      • Storage:
      • 250GB Samsung 840 SSD
      • Graphics card(s):
      • Gigabyte R9 270 OC 2GB
      • PSU:
      • BeQuiet Pure Power L8 600w
      • Case:
      • Silverstone TJ08-E
      • Operating System:
      • Windows 7
      • Monitor(s):
      • 24" Dell U2414H
      • Internet:
      • 75Mb BT Infinity
    Yeh, I have recieved that email twice, and I dont even have a paypal account!

  3. #3
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    Another one, actually trying the tack of "due to the number of phishing scams, please authenticate your details at this site...":
    Account System Cleanup

    IMPORTANT
    Dear PayPal Member,
    Due to overwhelming reports of fraudulent transactions and account abuse, PayPal now requires all active members who have an account to verify that they rightfully own it.

    You must click the link below and enter your email, password and reference code on the following page to verify your account.

    This is NOT a SCAM or HOAX. Please check your address bar to make sure you are on the authentic PayPal website.

    https://www.paypal.com/accountcleanup/

    Your reference code is : PPA-2546-5437

    You will be guided through a series of steps which will require you to enter personal information, such as credit card number and/or bank details.

    ALL accounts not re-verified within 5 days of receiving this email will be automatically frozen.

    PayPal is doing this to protect it's valued members from fraud and scams. Paypal will not share your personal information with other companies and corporations. Privacy Policy

    Thank you for your co-operation,
    PayPal

    Please do not reply to this e-mail. Mail sent to this address cannot be answered. Due to security reasons your name and personal information cannot be mentioned in this email.

    To receive email notifications in plain text instead of HTML, update your preferences here.
    The paypal.com link actually points to:
    http://www.paypal.com%00@antispam.u26.smartwebinc.com/pp/index.htm
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Mobile phone scam alert
    By Skii in forum General Discussion
    Replies: 8
    Last Post: 23-02-2004, 06:26 PM
  2. Credit Card Scam Alert!
    By Allen in forum General Discussion
    Replies: 6
    Last Post: 23-01-2004, 08:51 AM
  3. Online fraud - PayPal
    By Allen in forum General Discussion
    Replies: 5
    Last Post: 07-11-2003, 08:45 AM
  4. Free e-bay Listing Day - 23/10/03
    By aeonf242 in forum Retail Therapy and Bargains
    Replies: 19
    Last Post: 27-10-2003, 06:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •