I probably don't have to really post this WARNING do I? Nobody here would fall for such a scam, would they? [img]/ubbthreads/images/graemlins/grin.gif[/img]
But anyway, here it is. This is a very poor scam job, probably a very young child or mentally retarded adult. Here's what the email looks like:
Yea, right, all I have to do is type in my account info to claim the $1142.00 from jackman14@yahoo.com.
Note the ridiculasly poor text over phake webpage; not even 3rd grade level work here. This criminal needs a lot of schooling.
What's this crook's trail? Well here's the path the email from "PayPal" came from:
Received: from mta205-rme.xtra.co.nz ([210.86.15.187])
by sccqmxc95.asp.att.net (sccqmxc95) with ESMTP
id <20041227224032q95002en3se>; Mon, 27 Dec 2004 22:40:33 +0000
X-Originating-IP: [210.86.15.187]
Received: from mta1-rme.xtra.co.nz ([210.86.15.240])
by mta205-rme.xtra.co.nz with ESMTP
id <20041227224027.XMZF18126.mta205-rme.xtra.co.nz@mta1-rme.xtra.co.nz>
for <lambda@mchsi.com>; Tue, 28 Dec 2004 11:40:27 +1300
Received: from smtp.xtra.co.nz ([210.55.80.74]) by mta1-rme.xtra.co.nz
with SMTP
id <20041227224025.WZSF22485.mta1-rme.xtra.co.nz@smtp.xtra.co.nz>
for <lambda@mchsi.com>; Tue, 28 Dec 2004 11:40:25 +1300
To: "" <lambda@mchsi.com>
From: "" <service@paypal.com>
Subject: jackman14@yahoo.com has just sent you $1142.00 USD
X-Mailer: Ghost Mail 5.1 http://ay.home.ml.org/
X-Priority: 1 (Highest)
Content-type: text/html
Message-Id: <20041227224025.WZSF22485.mta1-rme.xtra.co.nz@smtp.xtra.co.nz>
Date: Tue, 28 Dec 2004 11:40:27 +1300
Yep, that sure looks like a normal route an email from PayPal to me would take; NOT!
This poor dimwit needs to get busted if for nothing else, just for bogging down the internet with this feces. What a Lamo. [img]/ubbthreads/images/graemlins/thumbsdown.gif[/img]
So you've been warned. Do not feed this idiot; beware of the evil PayPal Phisher.
That particular entity also sent out fake eBay updates just a few days ago. What most people should know by now is that no company will have you update information from anything other than logging in at their website. If they ever do send an email, it would never have a link for logging on.
I got deluged with fake Ebay mails the other week. Sent every last one on to spoof-at-ebay-dot-com for them to deal with. Some clever social engineering at play, and a new trick of using a form button instead of a text link to get around the fact that the address of the forged page is usually displayed at the bottom of the screen when you hover over text links. Wasn`t fooled though, and I almost laughed at the "become a power seller" ones, since I have never sold anything and am not set up to do so. Ebay doesn`t even have my credit card number, I registered before it became necessary. Well, since they bought out Paypal they probably do now, but not directly linked to my account.
But what I don`t understand is how the scum got a hold of my address since it is relatively new, doesn`t yet get spammed and has never been posted out on the internet anywhere. It`s only used for private communication, Ebay and Paypal. As far as I know, you can`t get hold of Ebay users direct mail addresses any more, member or not. So part of me suspects an inside job, some newcomer stole a load of addresses to sell on, and part can`t help but wonder if their user database got hacked or is otherwise accessible somehow. Whatever happened they need to stop it immediately.
I don`t believe in an afterlife but am very willing to entertain the notion of Hell so these criminals can burn there long and hard, even if the authorities can`t catch them when they`re alive......
The only thing I noticed since mid December is a new wave of spam hitting email addresses I hardly ever used. They are trying to sell me tons of fake watches for cheap, guess they figured out they won't earn a dime on me trying to sell me their little blue pills. [img]/ubbthreads/images/graemlins/icon3.gif[/img] [img]/ubbthreads/images/graemlins/ohgeez.gif[/img] [img]/ubbthreads/images/graemlins/icon15.gif[/img]
One way to test if the douchebag is for real is to create a phoney Paypal account (using a disposable email address that gets used for nothing else), and then use another Paypal account to transfer 1˘ or 2˘ to it; wait to verify the money is actually in there, and then "log in" to your new Paypal account via the phoney email and see what happens. Might get a web URL that can be traced, with only a penny or two at risk.
Don't follow links or fill out information into emails. Always go to the website itself by keying in the name.
More importantly, you can do this to a website - in Internet Explorer, watch for the little yellow padlock that shows up on your bottom right. Double click it to read the certificate details. Certs do two things: they enable encryption (defeats people snooping on your traffic) AND it affirms that the site is who they claim to be. For example, https://www.paypal.com 's certificate says Issued To: www.paypal.com and Issued By: Verisign.
So far, I haven't seen any phisher use a site with a legitimate SSL cert, since to obtain one, they have to go through a verification process which involves background checks, possibly a visit from the certificate authority, and such.
Stay safe.
[ QUOTE ] K-T said:
The only thing I noticed since mid December is a new wave of spam hitting email addresses I hardly ever used. They are trying to sell me tons of fake watches for cheap, guess they figured out they won't earn a dime on me trying to sell me their little blue pills. [img]/ubbthreads/images/graemlins/icon3.gif[/img] [img]/ubbthreads/images/graemlins/ohgeez.gif[/img] [img]/ubbthreads/images/graemlins/icon15.gif[/img]
[/ QUOTE ]
Better than the ones telling me I can get a bigger bust.. [img]/ubbthreads/images/graemlins/crackup.gif[/img]
Hi guys,
I had one guy try and get me to pay on a program I diden't order. It diden't show up on the Pay Pal due list. I got e mails about it for four days. It seemed to have stoped. I found it odd that I would buy a copy of Myst for 380 bucks. It seemed safe to ignore.
I use the same mail account since 1997 (when I registered the domain peu.net). Today I receive around 200+ spams a day with days that double or triple that amount.
The phishing mails I receive the most are fake logins for: Washington Mutual, Citibank, Suntrust, Paypal, Ebay, and many others but less frequently.
About 1 1/2 years ago I installed POPFile because the problem was getting worse by the day.
That gives you a media of around 165 mails a day the last 2 months [img]/ubbthreads/images/graemlins/icon15.gif[/img] 80.13% of this amount is SPAM
My advice for not receive more spam: use a disposable email service for registrating at online services that will be used one time only. My preferred are www.mailinator.com (disabled until the end of the year) and www.jetable.org
I can't help you there. If you want \/IAAGRA, \/AL1UM or CIAL11S, I can help you out.
What I don't understand is the list of words that always appears with the ad. What's that all about. For instance in an ad for the world's finest H_G_H, I get this list:
ouagadougou midsection drive alkaloid seance loquacious nucleotide emirate betrothal serviette craftspeople apostrophe allay lithology nash john biennial chart wildcat
Sasha, you realize you are opening yourself up with that statment. Anyhow from pictures you have posted in the past, I think you're all set in that department.
[ QUOTE ] Sasha said:
[ QUOTE ] KevinL said:
Better than the ones telling me I can get a bigger bust.. [img]/ubbthreads/images/graemlins/crackup.gif[/img]
[/ QUOTE ]
Um... er... psssst... can you forward that one to me, please?... [img]/ubbthreads/images/graemlins/rolleye11.gif[/img]
Some of the most effective filtering is by context filtering, like Bayesian filtering, or at least it would be if spammers spelled correctly, and only included words relative to the subject of their spam message. Such filters give certain points to words and phrases, with some words and phrases counting as more likely spam, and some counted as less likely spam.
The spammer writes his spam, and then feeds it into a filter that tells him what kind of score it makes. If it's too high, the spammer knows it will never make it past people's filters. So, they start altering the spelling on words that count against them, or they start adding irrelevant words that will likely be scored as less likely spam. Sometimes they combine the method of misspelling the spam words and adding a bunch of nonsense words that aren't likely to be in spam. Then, when they get it to pass the filter without being rejected, they send out a few copies to every man, women, child, their pets, and livestock.
Warning - PayPal Phishers Hitting CPF Member
Reply With Quote
