ArmyTek
Results 1 to 17 of 17

Thread: Warning - PayPal Phishers Hitting CPF Member

  1. #1

    Default Warning - PayPal Phishers Hitting CPF Member

    I probably don't have to really post this WARNING do I? Nobody here would fall for such a scam, would they? [img]/ubbthreads/images/graemlins/grin.gif[/img]

    But anyway, here it is. This is a very poor scam job, probably a very young child or mentally retarded adult. Here's what the email looks like:



    Yea, right, all I have to do is type in my account info to claim the $1142.00 from jackman14@yahoo.com.

    Note the ridiculasly poor text over phake webpage; not even 3rd grade level work here. This criminal needs a lot of schooling.

    What's this crook's trail? Well here's the path the email from "PayPal" came from:

    Received: from mta205-rme.xtra.co.nz ([210.86.15.187])
    by sccqmxc95.asp.att.net (sccqmxc95) with ESMTP
    id <20041227224032q95002en3se>; Mon, 27 Dec 2004 22:40:33 +0000
    X-Originating-IP: [210.86.15.187]
    Received: from mta1-rme.xtra.co.nz ([210.86.15.240])
    by mta205-rme.xtra.co.nz with ESMTP
    id <20041227224027.XMZF18126.mta205-rme.xtra.co.nz@mta1-rme.xtra.co.nz>
    for <lambda@mchsi.com>; Tue, 28 Dec 2004 11:40:27 +1300
    Received: from smtp.xtra.co.nz ([210.55.80.74]) by mta1-rme.xtra.co.nz
    with SMTP
    id <20041227224025.WZSF22485.mta1-rme.xtra.co.nz@smtp.xtra.co.nz>
    for <lambda@mchsi.com>; Tue, 28 Dec 2004 11:40:25 +1300
    To: "" <lambda@mchsi.com>
    From: "" <service@paypal.com>
    Subject: jackman14@yahoo.com has just sent you $1142.00 USD
    X-Mailer: Ghost Mail 5.1 http://ay.home.ml.org/
    X-Priority: 1 (Highest)
    Content-type: text/html
    Message-Id: <20041227224025.WZSF22485.mta1-rme.xtra.co.nz@smtp.xtra.co.nz>
    Date: Tue, 28 Dec 2004 11:40:27 +1300

    Yep, that sure looks like a normal route an email from PayPal to me would take; NOT!

    This poor dimwit needs to get busted if for nothing else, just for bogging down the internet with this feces. What a Lamo. [img]/ubbthreads/images/graemlins/thumbsdown.gif[/img]

    So you've been warned. Do not feed this idiot; beware of the evil PayPal Phisher.

  2. #2
    Flashaholic*
    Join Date
    Apr 2001
    Location
    Massachusetts
    Posts
    4,852

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    Do they ever catch any of these guys?

  3. #3

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    That particular entity also sent out fake eBay updates just a few days ago. What most people should know by now is that no company will have you update information from anything other than logging in at their website. If they ever do send an email, it would never have a link for logging on.

  4. #4
    Flashaholic* Chris M.'s Avatar
    Join Date
    Jan 2001
    Location
    South Wales, UK
    Posts
    2,564

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    I got deluged with fake Ebay mails the other week. Sent every last one on to spoof-at-ebay-dot-com for them to deal with. Some clever social engineering at play, and a new trick of using a form button instead of a text link to get around the fact that the address of the forged page is usually displayed at the bottom of the screen when you hover over text links. Wasn`t fooled though, and I almost laughed at the "become a power seller" ones, since I have never sold anything and am not set up to do so. Ebay doesn`t even have my credit card number, I registered before it became necessary. Well, since they bought out Paypal they probably do now, but not directly linked to my account.

    But what I don`t understand is how the scum got a hold of my address since it is relatively new, doesn`t yet get spammed and has never been posted out on the internet anywhere. It`s only used for private communication, Ebay and Paypal. As far as I know, you can`t get hold of Ebay users direct mail addresses any more, member or not. So part of me suspects an inside job, some newcomer stole a load of addresses to sell on, and part can`t help but wonder if their user database got hacked or is otherwise accessible somehow. Whatever happened they need to stop it immediately.


    I don`t believe in an afterlife but am very willing to entertain the notion of Hell so these criminals can burn there long and hard, even if the authorities can`t catch them when they`re alive......

    [img]/ubbthreads/images/graemlins/mad.gif[/img]

  5. #5
    *Moderator* K-T's Avatar
    Join Date
    Mar 2002
    Location
    Germany
    Posts
    3,469

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    The only thing I noticed since mid December is a new wave of spam hitting email addresses I hardly ever used. They are trying to sell me tons of fake watches for cheap, guess they figured out they won't earn a dime on me trying to sell me their little blue pills. [img]/ubbthreads/images/graemlins/icon3.gif[/img] [img]/ubbthreads/images/graemlins/ohgeez.gif[/img] [img]/ubbthreads/images/graemlins/icon15.gif[/img]

  6. #6
    Flashaholic
    Join Date
    Nov 2004
    Location
    IL
    Posts
    300

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    Some spamers are such idiots!!!!!!!!!

  7. #7
    *Retired* The_LED_Museum's Avatar
    Join Date
    Aug 2000
    Location
    Federal Way WA. USA
    Posts
    19,421

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    One way to test if the douchebag is for real is to create a phoney Paypal account (using a disposable email address that gets used for nothing else), and then use another Paypal account to transfer 1˘ or 2˘ to it; wait to verify the money is actually in there, and then "log in" to your new Paypal account via the phoney email and see what happens. Might get a web URL that can be traced, with only a penny or two at risk.

    Just my 2˘ here; individual results may vary.

  8. #8
    *Flashaholic* KevinL's Avatar
    Join Date
    Jun 2004
    Location
    At World's End
    Posts
    5,801

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    Don't follow links or fill out information into emails. Always go to the website itself by keying in the name.

    More importantly, you can do this to a website - in Internet Explorer, watch for the little yellow padlock that shows up on your bottom right. Double click it to read the certificate details. Certs do two things: they enable encryption (defeats people snooping on your traffic) AND it affirms that the site is who they claim to be. For example, https://www.paypal.com 's certificate says Issued To: www.paypal.com and Issued By: Verisign.

    So far, I haven't seen any phisher use a site with a legitimate SSL cert, since to obtain one, they have to go through a verification process which involves background checks, possibly a visit from the certificate authority, and such.

    Stay safe.

    [ QUOTE ]
    K-T said:
    The only thing I noticed since mid December is a new wave of spam hitting email addresses I hardly ever used. They are trying to sell me tons of fake watches for cheap, guess they figured out they won't earn a dime on me trying to sell me their little blue pills. [img]/ubbthreads/images/graemlins/icon3.gif[/img] [img]/ubbthreads/images/graemlins/ohgeez.gif[/img] [img]/ubbthreads/images/graemlins/icon15.gif[/img]

    [/ QUOTE ]

    Better than the ones telling me I can get a bigger bust.. [img]/ubbthreads/images/graemlins/crackup.gif[/img]

  9. #9
    Flashaholic
    Join Date
    Feb 2004
    Location
    West Palm Beach FLA (for a while anyway)
    Posts
    417

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    Hi guys,
    I had one guy try and get me to pay on a program I diden't order. It diden't show up on the Pay Pal due list. I got e mails about it for four days. It seemed to have stoped. I found it odd that I would buy a copy of Myst for 380 bucks. It seemed safe to ignore.

    Later kids
    Jack Crow

  10. #10
    *Moderator* K-T's Avatar
    Join Date
    Mar 2002
    Location
    Germany
    Posts
    3,469

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    [ QUOTE ]
    Surefiregeek said:
    Some spamers are such idiots!

    [/ QUOTE ]

    All spammers are idiots. [img]/ubbthreads/images/graemlins/icon3.gif[/img] [img]/ubbthreads/images/graemlins/wink.gif[/img]

  11. #11

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    i have an ebaystore that takes paypal and i get those all the time.

    Always remember that ebay or paypal will NEVER send an email for payment or for personal information.

  12. #12

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    Whenever you get these PayPal emails forward them to spoof@paypal.com

    They'll reply to you within a few hours explaining what it is.

  13. #13
    Flashaholic* PEU's Avatar
    Join Date
    Feb 2004
    Location
    Buenos Aires / Argentina (I like ribs)
    Posts
    3,520

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    I use the same mail account since 1997 (when I registered the domain peu.net). Today I receive around 200+ spams a day with days that double or triple that amount.

    The phishing mails I receive the most are fake logins for: Washington Mutual, Citibank, Suntrust, Paypal, Ebay, and many others but less frequently.

    About 1 1/2 years ago I installed POPFile because the problem was getting worse by the day.

    It works like a charm, from the statistics:

    Classification Accuracy
    Messages classified: 9,932
    Classification errors: 44
    Accuracy: 99.55%
    (Last Reset: Tue Oct 26 12:09:40 2004 )

    That gives you a media of around 165 mails a day the last 2 months [img]/ubbthreads/images/graemlins/icon15.gif[/img] 80.13% of this amount is SPAM

    My advice for not receive more spam: use a disposable email service for registrating at online services that will be used one time only. My preferred are www.mailinator.com (disabled until the end of the year) and www.jetable.org


    Pablo

  14. #14
    Admin formerly
    known as 'Sasha'
    Greta's Avatar
    Join Date
    Apr 2002
    Location
    The freakin' desert
    Posts
    14,180

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    [ QUOTE ]
    KevinL said:


    Better than the ones telling me I can get a bigger bust.. [img]/ubbthreads/images/graemlins/crackup.gif[/img]

    [/ QUOTE ]

    Um... er... psssst... can you forward that one to me, please?... [img]/ubbthreads/images/graemlins/rolleye11.gif[/img]

  15. #15
    Flashaholic*
    Join Date
    Mar 2002
    Location
    New Jersey
    Posts
    1,750

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    I can't help you there. If you want \/IAAGRA, \/AL1UM or CIAL11S, I can help you out.

    What I don't understand is the list of words that always appears with the ad. What's that all about. For instance in an ad for the world's finest H_G_H, I get this list:

    ouagadougou midsection drive alkaloid seance loquacious nucleotide emirate betrothal serviette craftspeople apostrophe allay lithology nash john biennial chart wildcat

  16. #16
    Flashaholic*
    Join Date
    Apr 2001
    Location
    Massachusetts
    Posts
    4,852

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    Sasha, you realize you are opening yourself up with that statment. Anyhow from pictures you have posted in the past, I think you're all set in that department.

    [ QUOTE ]
    Sasha said:
    [ QUOTE ]
    KevinL said:


    Better than the ones telling me I can get a bigger bust.. [img]/ubbthreads/images/graemlins/crackup.gif[/img]

    [/ QUOTE ]

    Um... er... psssst... can you forward that one to me, please?... [img]/ubbthreads/images/graemlins/rolleye11.gif[/img]

    [/ QUOTE ]

  17. #17

    Default Re: Warning - PayPal Phishers Hitting CPF Member

    Some of the most effective filtering is by context filtering, like Bayesian filtering, or at least it would be if spammers spelled correctly, and only included words relative to the subject of their spam message. Such filters give certain points to words and phrases, with some words and phrases counting as more likely spam, and some counted as less likely spam.

    The spammer writes his spam, and then feeds it into a filter that tells him what kind of score it makes. If it's too high, the spammer knows it will never make it past people's filters. So, they start altering the spelling on words that count against them, or they start adding irrelevant words that will likely be scored as less likely spam. Sometimes they combine the method of misspelling the spam words and adding a bunch of nonsense words that aren't likely to be in spam. Then, when they get it to pass the filter without being rejected, they send out a few copies to every man, women, child, their pets, and livestock.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •