[ale] FW: Paypal account update spoof

ChangingLINKS.com x3 at ChangingLINKS.com
Wed Apr 23 00:55:48 EDT 2003


WHOOOOAAA!
I actually got that email/website, and I was thinking "do I have a PayPal 
account?" (I used to ask 'close friends' to do that type of admin work for 
me).

Then I thought, "They want all THAT information? I will let the account 
expire, and sign up again if I need it."

I have gotten tons of spam,  and seen almost everything, but THIS scam was 
convincing. Perhaps if they had asked for less, they would have gotten my 
info.

However, the "PayPal scam" is NOT the only scam you gotta worry about. You 
also have to worry about *the* PayPal scam. Just days before, I read the 
racket that PayPal is running *themselves*:

See:
www.paypalsucks.com
openstuff.net/index.py/paypal
www.nopaypal.com/contact.shtml

Thanks Bob for letting me know that was a scam. It does look pretty convincing 
(except that they ask for so much). Hopefully, fewer people will get ripped 
off by "legal or illegal" PayPal crooks.

Drew

On Tue April 22 2003 23:43, Transam wrote:
> This is a fine example of Social Engineering that probably will be
> quite successful.  Always be suspicious of similar types of requests
> asking for your sensitive information, such as credit card, debit card,
> and bank account numbers, and other personal information.
>
> --Bob
>
> ----- Forwarded message from Bob Toxen <bob at verysecurelinux.com> -----
>
> -----Original Message-----
> From: Jerry Becknell [mailto:gbecknell at FBI.GOV]
> Sent: Friday, April 18, 2003 2:54 PM
> To: INFRAGARD-ATLANTA at LISTSERV.CC.EMORY.EDU
> Subject: [INFRAGARD-ATLANTA] FW: [Infragard-discussion] Warning: Paypal
> account update spoof...
>
> The following information provided through InfraGard Atlanta:
> infragard.atlanta at fbi.gov www.infragardatlanta.org
>
> -----Original Message-----
> From: infragard-discussion-admin at listserv.infragard.org
> [mailto:infragard-discussion-admin at listserv.infragard.org] On Behalf Of
> Paul Zasada
> Sent: Friday, April 18, 2003 11:43 AM
> To: InfraGard_Discussion
> Subject: [Infragard-discussion] Warning: Paypal account update spoof...
>
> Beware of an urgent email from security at Paypal.com to update your
> account...
>
> "It has come to our attention that your eBay Billing Information records
> are out of date.  That requires you to update the Billing Information.  If
> you could please take 5-10 minutes out of your online experience and update
> your billing records, you will not run into any future problems with eBay's
> online service.  However, failure to update your records will result in
> account termination.  Please update your records in maximum 24 hours."
>
>
> The link provides a web page that requests: username/password/email,
> creditcard/CCV, bank account/ABA... whole 9 yards.  The presentation is
> extremely convincing, with Paypal graphics deep-linked from official Paypal
> servers and all links programmed to show the Paypal.com URL in the browser
> status window on mouseover.
>
> The webpage requesting update of info is not an SHTTP page (ssl) and the
> URL is a numerical IP to mask the identity, which goes to a bogus
> "elemantary" school in Korea: http://211.34.252.132/
>
>
> FBI Cybercrime Division confirms this is a new scam that is similar to one
> which masqueraded as AOL and several other online service providers.  If
> you receive email that provides a link with a destination page requesting
> personal information, you should be very suspicious.  Generally, you should
> never give out personal information unless you go to that service
> provider's site and physically log into your account with your user-name
> and password.
>
> Please feel free to circulate this to anyone that can benefit.
>
> Paul Zasada
> Communications Director
> FBI InfraGard Connecticut
> http://www.InfraGard-CT.org
> _______________________________________________
> Infragard-discussion mailing list
> Infragard-discussion at listserv.infragard.org
> http://listserv.infragard.org/mailman/listinfo/infragard-discussion
>
> *******
> This message (including any attachments) contains confidential information
> provided by InfraGard Atlanta, and is intended for a specific InfraGard
> addressee.  This message is being distributed for informational purposes
> only.  InfraGard assumes no responsibility and no liability for the content
> of the message or liability for any attachments sent.  If you are not the
> intended recipient, you should delete this message immediately, and are
> hereby notified that any disclosure, copying, or distribution of this
> message, or the taking of any action based on it, is strictly prohibited.
> If you do not agree to these terms and conditions, you are required to
> notify InfraGard Atlanta immediately by email that you do not accept the
> InfraGard terms and conditions.  InfraGard reserves the right to remove you
> from its recipient list or take whatever steps it believes necessary or
> appropriate to protect its legal rights.
> InfraGard is an information sharing and analysis effort serving the
> interests and combining the knowledge base of a wide range of members.
> InfraGard is a cooperative undertaking between the U.S. Government (led by
> the FBI and the NIPC) and an association of businesses, academic
> institutions, state and local law enforcement agencies, and other
> participants dedicated to increasing the security of United States'
> critical infrastructures.
>
> ********
> If you no longer wish to receive InfraGard Atlanta member emails, send a
> request via email to Jerry Becknell, InfraGard Atlanta Coordinator at
> gbecknell at fbi.gov
>
> ----- End forwarded message -----
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale

-- 
Wishing you Happiness, Joy and Laughter,
Drew Brown
http://www.ChangingLINKS.com
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list