[ale] FW: Paypal account update spoof

Thomas Holmquist fishy at ipa.net
Wed Apr 23 02:00:44 EDT 2003


failure to update your records will result in
account termination. Please update your records in maximum 24 hours."

seems a bit obvious...

ChangingLINKS.com wrote:

>WHOOOOAAA!
>I actually got that email/website, and I was thinking "do I have a PayPal 
>account?" (I used to ask 'close friends' to do that type of admin work for 
>me).
>
>Then I thought, "They want all THAT information? I will let the account 
>expire, and sign up again if I need it."
>
>I have gotten tons of spam,  and seen almost everything, but THIS scam was 
>convincing. Perhaps if they had asked for less, they would have gotten my 
>info.
>
>However, the "PayPal scam" is NOT the only scam you gotta worry about. You 
>also have to worry about *the* PayPal scam. Just days before, I read the 
>racket that PayPal is running *themselves*:
>
>See:
>www.paypalsucks.com
>openstuff.net/index.py/paypal
>www.nopaypal.com/contact.shtml
>
>Thanks Bob for letting me know that was a scam. It does look pretty convincing 
>(except that they ask for so much). Hopefully, fewer people will get ripped 
>off by "legal or illegal" PayPal crooks.
>
>Drew
>
>On Tue April 22 2003 23:43, Transam wrote:
>  
>
>>This is a fine example of Social Engineering that probably will be
>>quite successful.  Always be suspicious of similar types of requests
>>asking for your sensitive information, such as credit card, debit card,
>>and bank account numbers, and other personal information.
>>
>>--Bob
>>
>>----- Forwarded message from Bob Toxen <bob at verysecurelinux.com> -----
>>
>>-----Original Message-----
>>From: Jerry Becknell [mailto:gbecknell at FBI.GOV]
>>Sent: Friday, April 18, 2003 2:54 PM
>>To: INFRAGARD-ATLANTA at LISTSERV.CC.EMORY.EDU
>>Subject: [INFRAGARD-ATLANTA] FW: [Infragard-discussion] Warning: Paypal
>>account update spoof...
>>
>>The following information provided through InfraGard Atlanta:
>>infragard.atlanta at fbi.gov www.infragardatlanta.org
>>
>>-----Original Message-----
>>From: infragard-discussion-admin at listserv.infragard.org
>>[mailto:infragard-discussion-admin at listserv.infragard.org] On Behalf Of
>>Paul Zasada
>>Sent: Friday, April 18, 2003 11:43 AM
>>To: InfraGard_Discussion
>>Subject: [Infragard-discussion] Warning: Paypal account update spoof...
>>
>>Beware of an urgent email from security at Paypal.com to update your
>>account...
>>
>>"It has come to our attention that your eBay Billing Information records
>>are out of date.  That requires you to update the Billing Information.  If
>>you could please take 5-10 minutes out of your online experience and update
>>your billing records, you will not run into any future problems with eBay's
>>online service.  However, failure to update your records will result in
>>account termination.  Please update your records in maximum 24 hours."
>>
>>
>>The link provides a web page that requests: username/password/email,
>>creditcard/CCV, bank account/ABA... whole 9 yards.  The presentation is
>>extremely convincing, with Paypal graphics deep-linked from official Paypal
>>servers and all links programmed to show the Paypal.com URL in the browser
>>status window on mouseover.
>>
>>The webpage requesting update of info is not an SHTTP page (ssl) and the
>>URL is a numerical IP to mask the identity, which goes to a bogus
>>"elemantary" school in Korea: http://211.34.252.132/
>>
>>
>>FBI Cybercrime Division confirms this is a new scam that is similar to one
>>which masqueraded as AOL and several other online service providers.  If
>>you receive email that provides a link with a destination page requesting
>>personal information, you should be very suspicious.  Generally, you should
>>never give out personal information unless you go to that service
>>provider's site and physically log into your account with your user-name
>>and password.
>>
>>Please feel free to circulate this to anyone that can benefit.
>>
>>Paul Zasada
>>Communications Director
>>FBI InfraGard Connecticut
>>http://www.InfraGard-CT.org
>>_______________________________________________
>>Infragard-discussion mailing list
>>Infragard-discussion at listserv.infragard.org
>>http://listserv.infragard.org/mailman/listinfo/infragard-discussion
>>
>>*******
>>This message (including any attachments) contains confidential information
>>provided by InfraGard Atlanta, and is intended for a specific InfraGard
>>addressee.  This message is being distributed for informational purposes
>>only.  InfraGard assumes no responsibility and no liability for the content
>>of the message or liability for any attachments sent.  If you are not the
>>intended recipient, you should delete this message immediately, and are
>>hereby notified that any disclosure, copying, or distribution of this
>>message, or the taking of any action based on it, is strictly prohibited.
>>If you do not agree to these terms and conditions, you are required to
>>notify InfraGard Atlanta immediately by email that you do not accept the
>>InfraGard terms and conditions.  InfraGard reserves the right to remove you
>>from its recipient list or take whatever steps it believes necessary or
>>appropriate to protect its legal rights.
>>InfraGard is an information sharing and analysis effort serving the
>>interests and combining the knowledge base of a wide range of members.
>>InfraGard is a cooperative undertaking between the U.S. Government (led by
>>the FBI and the NIPC) and an association of businesses, academic
>>institutions, state and local law enforcement agencies, and other
>>participants dedicated to increasing the security of United States'
>>critical infrastructures.
>>
>>********
>>If you no longer wish to receive InfraGard Atlanta member emails, send a
>>request via email to Jerry Becknell, InfraGard Atlanta Coordinator at
>>gbecknell at fbi.gov
>>
>>----- End forwarded message -----
>>_______________________________________________
>>Ale mailing list
>>Ale at ale.org
>>http://www.ale.org/mailman/listinfo/ale
>>    
>>
>
>  
>


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list