Another attempt at PayPal Fraud

Got an email this morning trying to steal my PayPal info. So beware.

Even though I reported it to the real PayPal, and to the host, the website is still functioning, so I just reported it to the FBI/FCC internet fraud site.

Because of Mailwasher, (and my natural paranoia about such things) I wasn't fooled for a minute, but people using a normal email client with HTML enabled would be fooled that they were using a link that went to the real PayPal site.

If you want to check the FRAUDULENT site out: http://www-paypa1l.com/aw-cgi/secure/index2.htm
(Just don't get confused and enter any real information /ubbthreads/images/graemlins/smile.gif )

Pretty good attempt, but nothing that hasn't been done before.

me too
just got email from ebay saying my account has been used as fraudulent purchase (dunno what that supposed to mean, but i know it is bad) and it asked me to log in to my ebay acc to clear up things.
i just deleted the email and log in to my ebay account by opening new internet browser. nothing happening on ebay regarding my account

Holy ....!

I know better than to access PayPal through anything but my bookmark, but that one is going to suck a lot of poor souls in. https too???

Thanks Silveron for reinforcing my paranoia!!!

Larry

(Damn you're fast shiftd) /ubbthreads/images/graemlins/grin.gif

Larry

LoL
(young hands) /ubbthreads/images/graemlins/tongue.gif

Actually, it isn't a secure server. The URL in the address bar is spoofed too. Right click on the page itself and click on "properties" and you'll see that it is a regular http page.

Also notice that there is no little lock symbol in the status bar.... In fact, I think that (probably Javascript) on the page causes the status bar to be hidden, (at least on my IE browser).

Never, never, use the links in the e-mails.
Always type it.

I received one that setup for logging and then redirected to the REAL paypal site. The message was the best fake I've seen in a while, too.

I just 'submitted' a bunch of expletives to the site.

PayPal has been notified, so let's see how long it takes for them to get rid of the site.

I always type the address in my address bar, rather than following an email link.
So far, so good. /ubbthreads/images/graemlins/smile.gif

Paypal doesn't care at all. I sold a radio on ebay few months back and paypal customer wanted to ship an item to unverified address. My auction stated verified only. So he gives me the story about his firefighter son bday gift (that was low), pays for overnight shipping and needs a rush delivery on that. Day later I receive email from the owner of paypal account stating that she never ordered anything. So I refund the money. Guy goes in and pays again with the same account. I refund the money again. I never shipped the item. I call paypal to say that there is fraud going on but they were like "Oh well whatever". I spoke to the manager and he was also ignorant. As long as they are not the one loosing money Paypal couldn't care less about you as a customer. Certainly didn't make me feel any safer thinking about my account being in the hands of incompetent company like Paypal.

Matt

Beats me why anybody uses PayPal at all these days, although I do use it for payments to CPF. I use WorldPay for Wavicle's online transactions, it's not the cheapest (especially with the Guarantee service) and there will always be a fraud threat with any Cardholder Not Present transactions, but you get what you pay for and what I get is a better night's /ubbthreads/images/graemlins/sleepy.gif

If you want someone else to report these shenanigans too, then PayPal Sucks are always interested.

And while you're here take a minute or two to read about what it's really like at PayPay by one of their former managers. Here's a few quotes...

"Pay-Pal DID start as an honest, legitimate company with an innovative service concept. However, in my opinion, this concept can never actually WORK in the real world..."

"since PP can't usually catch the scammers and dosen't want to loose customer base by making things more stringent to start with- they decided to simply re-coup their chargebacks from the pockets (and accounts) of good, solid people..."

"...lots of complaints from those who have BOUGHT things and paid through PP who find their credit cards suddenly drained and/ or billed multiple times for the same transaction. The answer is simple; PP has very lax hiring procedures..."

"For buyers the answer is real simple: NEVER use PP under any circumstances. Ever. You simply have NO control over who has access to your information..."

/ubbthreads/images/graemlins/eek.gif /ubbthreads/images/graemlins/drool.gif /ubbthreads/images/graemlins/faint.gif

Well, that'll be my PayPal account shut down then. Sorry, Sasha - looks like you may need to make alternative arrangements /ubbthreads/images/graemlins/frown.gif

Woah... thats the best trojan site I've ever seen... It hides the address bar and displays a fake (which is slightly off color) with the PayPal URL.

I'll be darned JS... Great catch.

I didn't notice that myself; I did view the source code on the page, but I'm not good enough at Java to understand most of it.

Maybe there are a few new tricks to this scam after all.

I can't believe that the site is still up since I reported it to everyone I could think of. Last tome I reported a spoof site it was taken down within 3 hours.

I only use Paypal for CPF and access it through my bookmark, or type the URL. I created a separate checking account to be Paypal-verified, put a few dollars into it and use my CC for ALL paypal purchases. Max CC liability is $50.00. I would NEVER give Paypal my primary acct info!

Brightnorm

I too received the same e-mail but has anyone received the bank ones?

I've been sent similar e-mails to Paypal but these involve Bank One and Wells Fargo. It is the respective online banking sign on pages and they look nearly identical. Clever but if you open a separate URL and go to the correct home pages there is a warning about the fraudulent e-mails.

Phishing emails are also going around for citicorp, citigroup, citi, etc.

There's an organization actively tracking the explosion of 'phishing' spam mails -- www.antiphishing.org

kf

I got one "from Bank One" a couple of months ago...

But I closed my account there three years ago, so I knew it was a scam.

Thanks for the link to the anti phishing site. I think I'll send this most recent thing to them.