[ale] FW: Paypal account update spoof

Transam bob at verysecurelinux.com
Wed Apr 23 00:43:54 EDT 2003 

This is a fine example of Social Engineering that probably will be
quite successful.  Always be suspicious of similar types of requests
asking for your sensitive information, such as credit card, debit card,
and bank account numbers, and other personal information.

--Bob

----- Forwarded message from Bob Toxen <bob at verysecurelinux.com> -----

-----Original Message-----
From: Jerry Becknell [mailto:gbecknell at FBI.GOV]
To: ale at ale.org
Sent: Friday, April 18, 2003 2:54 PM
To: INFRAGARD-ATLANTA at LISTSERV.CC.EMORY.EDU
Subject: [INFRAGARD-ATLANTA] FW: [Infragard-discussion] Warning: Paypal
account update spoof...

The following information provided through InfraGard Atlanta:
infragard.atlanta at fbi.gov www.infragardatlanta.org

-----Original Message-----
From: infragard-discussion-admin at listserv.infragard.org
To: ale at ale.org
[mailto:infragard-discussion-admin at listserv.infragard.org] On Behalf Of Paul
Zasada
Sent: Friday, April 18, 2003 11:43 AM
To: InfraGard_Discussion
Subject: [Infragard-discussion] Warning: Paypal account update spoof...

Beware of an urgent email from security at Paypal.com to update your account...

"It has come to our attention that your eBay Billing Information records are
out of date.  That requires you to update the Billing Information.  If you
could please take 5-10 minutes out of your online experience and update your
billing records, you will not run into any future problems with eBay's
online service.  However, failure to update your records will result in
account termination.  Please update your records in maximum 24 hours."


The link provides a web page that requests: username/password/email,
creditcard/CCV, bank account/ABA... whole 9 yards.  The presentation is
extremely convincing, with Paypal graphics deep-linked from official Paypal
servers and all links programmed to show the Paypal.com URL in the browser
status window on mouseover.

The webpage requesting update of info is not an SHTTP page (ssl) and the URL
is a numerical IP to mask the identity, which goes to a bogus "elemantary"
school in Korea: http://211.34.252.132/


FBI Cybercrime Division confirms this is a new scam that is similar to one
which masqueraded as AOL and several other online service providers.  If you
receive email that provides a link with a destination page requesting
personal information, you should be very suspicious.  Generally, you should
never give out personal information unless you go to that service provider's
site and physically log into your account with your user-name and password.

Please feel free to circulate this to anyone that can benefit.

Paul Zasada
Communications Director
FBI InfraGard Connecticut
http://www.InfraGard-CT.org
_______________________________________________
Infragard-discussion mailing list
Infragard-discussion at listserv.infragard.org
http://listserv.infragard.org/mailman/listinfo/infragard-discussion

*******
This message (including any attachments) contains confidential information
provided by InfraGard Atlanta, and is intended for a specific InfraGard
addressee.  This message is being distributed for informational purposes
only.  InfraGard assumes no responsibility and no liability for the content
of the message or liability for any attachments sent.  If you are not the
intended recipient, you should delete this message immediately, and are
hereby notified that any disclosure, copying, or distribution of this
message, or the taking of any action based on it, is strictly prohibited.
If you do not agree to these terms and conditions, you are required to
notify InfraGard Atlanta immediately by email that you do not accept the
InfraGard terms and conditions.  InfraGard reserves the right to remove you
from its recipient list or take whatever steps it believes necessary or
appropriate to protect its legal rights.
InfraGard is an information sharing and analysis effort serving the
interests and combining the knowledge base of a wide range of members.
InfraGard is a cooperative undertaking between the U.S. Government (led by
the FBI and the NIPC) and an association of businesses, academic
institutions, state and local law enforcement agencies, and other
participants dedicated to increasing the security of United States' critical
infrastructures.

********
If you no longer wish to receive InfraGard Atlanta member emails, send a
request via email to Jerry Becknell, InfraGard Atlanta Coordinator at
gbecknell at fbi.gov

----- End forwarded message -----
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list