Paypal --Security Scam-- W A R N I N G

ddean

ddean

Joined
Mar 26, 2002
Messages
3,397
If you got taken in by this, & --replied-- with your personal info
do whatever you have to in order to protect your accounts
both Paypal & bank.

Type into your browser address bar the direct Paypal address
https://www.paypal.com
include the https
to go directly to a secure link.
Then log in & change your password.

I just checked my Email & found this - - - Fake - - - message:

==========================================================
Subject: PayPal Notification: Account Validation
From: "service@paypal.com" <service@paypal.com>
Date: Mon, 8 Nov 2004 20:37:50

Dear PayPal customer,

It has come to our attention that when logging into PayPal,
you or somebody else have made several login attempts and reached
your daily attempt limit. As an additional security measure your
access to PayPal will be limited in a 24-hour period if you do not
verify your identity.

[disabled url]http://secure.paypal-data.com[/url]

Please verify your details clicking on the link above, before trying to
log in again. You will be able to attempt logging into PayPal account
immediately after you verify your identity without any limitations
applying to your account.


Sincerely,
PayPal Security Department.
PayPal, Inc.

© Copyright © 1999-2004 PayPal. All rights reserved.
==========================================================

~
~~~~~~~~~~~~~~
<>call me 'Dean' :)-FYI-FWIW-IIRC-JMO-M2C-YMMV-TIA-YW-GL-HH-HBD-IBSCUTWS-TWotBGUaDUaDUaD
<> Tips <> Baha'i Prayers Links --A--T--H--D
 
I get 'em every once in a while. I forward them the the PayPal 'spoof' account.

Dean, you might want to disable the link in the body of that fake message, in case some innocent clicks on it.
 
Nice try, Bruise. His edit timestamp is 1 minute before your post.
 
Disabled, thanks for reminder.

I get lots of other spoofs,
but this one made me do a double-take.

If one is tired or rushed,
sometimes we aren't as careful as we should be.

~
~~~~~~~~~~~~~~
<>call me 'Dean' :)-FYI-FWIW-IIRC-JMO-M2C-YMMV-TIA-YW-GL-HH-HBD-IBSCUTWS-TWotBGUaDUaDUaD
<> Tips <> Baha'i Prayers Links --A--T--H--D
 
I'm amazed - this message actually seems to have good spelling and punctuation. Usually with these sort of phishing scams, the letters look like they were written by someone who doesn't know English.

However, I'm always suspicious whenever I get any email asking for important information.
 
the worse ones are when they play on your emotions......"someone has been trying to access your account - protect yourself!"

please forward the url to spoof@paypal.com



just FYI....I sent that very website to Paypal earlier this morning. ;)

Hope to see it shut down soon....
 
I get these every day too. In addition to similar attempts to social engineer my username&password for eBay, SunTrust and Citi-something (of which i only use eBay). The idea is to steal credit card info or login information for account (like Paypal) from gullible users and steal the money.

Be very careful before entering any information on any website. Rememebr the genuine URL (Address) of entry forms for those few sites you use (or write themdown) and compare them to where those links take you. For example, in the message above it woudl seem that the link is pointing to http://www.paypal.com but in reality it was probably some other site (move your mouse cursor over the link and the real address will show up near the bottom of your screen).
 
Aardvark said:
Nice try, Bruise. His edit timestamp is 1 minute before your post.
Click to expand...

As they usually said near the end of those Scooby Doo cartoons...

"... and I would have gotten away with it, if it weren't for you meddling kids".
 
scooby.jpg


...so your the reason velma's always smiling ;)
 
In addition to all the above a joker sent me a file rife with virus. Yahoo would not open it- I sent it back to the unk sender saying: You don't know me but would send me a virus?

The file is 41k I get a new version of it every other day now. It is a reformated myDoom virus.
They/he even sent it back to me as if it had been an inquiry to Symantec. That one told me everything was OK - just open it and see.


Evil. The net opens up new possibilites for abusers.


munk
 
Daniel Koster said:
the worse ones are when they play on your emotions......"someone has been trying to access your account - protect yourself!"

please forward the url to spoof@paypal.com



just FYI....I sent that very website to Paypal earlier this morning. ;)

Hope to see it shut down soon....
Click to expand...

You can also get these emails about your eBay account. Forward them to spoof@ebay.com

Be especially careful when dealing with sellers who ask you to email them directly, not going through eBay, because of some BS about their eBay account being full or whatever.
 
Bill Martino said:
Every damned day you get a couple of dozen crooks trying to steal your money.
Click to expand...

I am averaging six e-mails a day that want to trick me into going to some unknown site -- probably virus carriers-- and four "Nigerian fraud" messages a day ($$millions for helping transfer even more $$ our of XXX country to U.S.). Yahoo shunts most to spam ("bulk") file, but a few get by to my inbox. Alas,for senders, I open nothing I do not absolutely recognize.

I used to get 2-3 sex vendors after me per day but they have given up. :confused: :grumpy: :eek: :rolleyes:
 
Thomas Linton said:
Yahoo shunts most to spam ("bulk") file, but a few get by to my inbox.
Click to expand...
Yahoo also sometimes shunts some of my good Email to Bulk.
Everything comes into my computer.
In Agent, I filter out known senders to appropriate folders,
then filter on a couple hundred keywords to a Spam folder,
then route any remaining Yahoo-Bulk-marked to a Bulk folder,
then anything else left & marked overseas to an Overseas folder,
and finally anything not yet filtered out (very seldom) goes to the Inbox.

2-3 times a week a couple new keywords get added to the filters.

A nice feature of Agent (or deficiency---pov) is that it is text only.
Nothing (html/pix/other) is opened unless you specificly launch it.

~
~~~~~~~~~~~~~~
<>call me 'Dean' :)-FYI-FWIW-IIRC-JMO-M2C-YMMV-TIA-YW-GL-HH-HBD-IBSCUTWS-TWotBGUaDUaDUaD
<> Tips <> Baha'i Prayers Links --A--T--H--D
 
I practically never get any of this stuff. I guess comcast filters most of it out and thunderbird gets the rest. Most of my mail is sorted anyway. I got scirocco list, archived rocco list, lincoln groups, Bittorrent groups (that I dont read and should unsubscribe) and swordforum messages. I am left with 7 that dont fit into the above or junk. Usually 4-6 are still junk that the filter didn't catch. All that from 150-200 messages a day.

In fact, I can't remember the last time I got a suspicious attachment. Mostly just loan scams, cheap meds and software spam.
 
New one using PayPal

What is it?
W32/Mydoom.ah@MM is a Medium Risk mass-mailing worm that exploits a "buffer overflow vulnerability" in Microsoft Internet Explorer to spread from computer to computer using stolen email addresses. Web links (e.g., "see my homepage") in the spam messages point to infected systems, which then download the virus onto new victims' machines. Unlike earlier Mydoom variants, W32/Mydoom.ah@MM forwards no attachments.

Up-to-date McAfee VirusScan users with DAT 4405 are protected from this threat. Note: McAfee also recommends regularly updating your Windows operating system with the latest security patches from Microsoft.

What should I look for?


FROM: Spoofed.
SUBJECT: Varies. Examples: hi!, hey!, Confirmation
BODY: Varies. Examples:
- Congratulations! PayPal has successfully charged $175 to your credit card. To see details please click this ZZZlink.
- Hi! I am looking for new friends. I am from Miami, FL. You can see my homepage with my last webcam photos!
ATTACHMENT: None.
How do I know if I've been infected?

When run, the virus creates a file in the WINDOWS SYSTEM (%WinDir%\system32) directory with a random filename that ends in 32.exe.

How do I find out more?

View details about W32/Mydoom.ah@MM here
 
Just a reminder.

Here's another fake attempt.

========================================================

Subject: Reactivate your Prodigy account
From: antifraud-prodigy <prodigy-department@prodigy-billing.biz>
Date: Wen, 10 Nov 2004 09:14:41 +0000

Dear Prodigy member,

Because of numerous fraud attempts in our system, we are updating our billing information records.
It is very important to update your billing information
ASAP, because in other way we will have to hold on your account in suspection of fraud.
Please do not worry. Our card processing system will check your billing information and confirm your membership.

Click here to [url ]disabled http://prodigy-confirmation.net/?2DXM9OB950P[/url] update your records.

Please fill the forms correctly, because any of your mistake may hold your account.

Thank you for your time.

Sincerely yours,
Jeff Glasgoff
[Prodigy Information Security Department]

========================================================


~
~~~~~~~~~~~~~~
<>call me 'Dean' :)-FYI-FWIW-IIRC-JMO-M2C-YMMV-TIA-YW-GL-HH-HBD-IBSCUTWS-TWotBGUaDUaDUaD
<> Tips <> Baha'i Prayers Links --A--T--H--D
 
You must log in or register to reply here.
Back
Top