Results 1 to 16 of 16
  1. #1
    ABW Veteran Mr. Sal's Avatar
    Join Date
    January 18th, 2005
    Posts
    6,795
    I just get this crap on my email box.

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    Dear valued PayPal® member:

    It has come to our attention that your PayPal® account information needs to be
    updated as part of our continuing commitment to protect your account and to
    reduce the instance of fraud on our website. If you could please take 5-10 minutes
    out of your online experience and update your personal records you will not run into
    any future problems with the online service.

    However, failure to update your records will result in account suspension.
    Please update your records on or before May 10, 2004.

    Once you have updated your account records, your PayPal® session will not be
    interrupted and will continue as normal.

    To update your PayPal® records click on the following link:
    http://www.paypal.com/cgi-bin/webscr?cmd=_login-run


    Thank You.
    PayPal® UPDATE TEAM

    Accounts Management As outlined in our User Agreement, PayPal® will
    periodically send you information about site changes and enhancements.

    Visit our Privacy Policy and User Agreement if you have any questions.
    http://www.paypal.com/cgi-bin/webscr...rivacy-outside

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    I did was I was advised to do and that is why I edited this part too.

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    Sal.
    ...

  2. #2
    Newbie
    Join Date
    January 18th, 2005
    Posts
    33
    This spoof was covered in several previous threads including this one:

    http://abw.infopop.cc/eve/ubb.x?a=tp...115#8696001115

    ejruss
    Abe's T-Web

  3. #3
    http and a telephoto
    Join Date
    January 18th, 2005
    Location
    NYC
    Posts
    17,708
    I get these everyday for PayPal, eBay, Citibank, eGold, Fleet and any other bank or online service they can pretend to be. All to addresses that are NOT registered with the services that I do belong to and mostly to yahoogroupname-owner

    Not new, and they don't have your personal information. Didn't I read there is a new name for this? Phishing?

    Anyway, most don't even hide the fake url well and by the time you report them, they have been shut down and/or have moved on to another name/scam.
    Deborah Carney
    TeamLoxly.com BookGoodies.com ABCsPlus.com

  4. #4
    ABW Veteran Mr. Sal's Avatar
    Join Date
    January 18th, 2005
    Posts
    6,795
    Sorry ejruss but, that link from 6 months ago, it's not related to today's latest bull crap that I just received.

    Sal.
    ...

  5. #5
    ABW Ambassador buy_online's Avatar
    Join Date
    January 18th, 2005
    Location
    Richmond, VA
    Posts
    3,234
    The other SPAM that goes with this stuff, is the false Yahoo, and Hotmail emails. You look at the HTML formatted email, and they used the same login, logos etc.

    The trick is that you put your login and password into the form - and it gets sent to the spammers.

    All I can ever think about is someone like my daughter (19 y.o.) who wouldn't know any better. Makes me mad.

    Fred

  6. #6
    Eternal Optimist Look4's Avatar
    Join Date
    January 18th, 2005
    Location
    Home base: Pennsylvania
    Posts
    438
    How are they spoofing the web page with the form?
    http://www.paypal.com/cgi-bin/webscr?cmd=_login-run
    That's the actual paypal.com domain, so unless they hijack the DNS servers, I don't see how it is a fake.
    All the others had fake but real sounding domains i.e.: www.citicards.com
    Tom C.
    [URL=http://www.cafepress.com/simplesignshop]Simple Sign Shop[/URL]

    Every day leave someone or something better than you found it.

  7. #7
    ABW Ambassador Andy's Avatar
    Join Date
    January 18th, 2005
    Posts
    4,178
    Send the message and its headers to PayPal, and let them investigate. I've heard they're pretty good at tracking these apes down, even if the account has already been closed.

    Andy

  8. #8
    ABW Ambassador buy_online's Avatar
    Join Date
    January 18th, 2005
    Location
    Richmond, VA
    Posts
    3,234
    When I first saw one of these SPAMS, I forwarded it to abuse@paypal.com. They actually responded, saying that they couldn't accept this type of complaint or problem, that I had to log in and use their on-line form to report illegal emails - what a PITA! - and all to help them.

    Fred

  9. #9
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    You need to look at the message SOURCE HTML rather than just the message.

    A common and effective trick is to to code the HTML like this:

    <A HREF="http://www.ripoff.com/">http://www.paypal.com/</A>

    It works because the email *say* http://www.paypal.com/ but the hyperlink goes elsewhere. It's easy to be fooled, because it's an HTML formatted email message that's designed to look like plain text. What's worse is that there's a serious flaw in Internet Explorer where the scammers can display a fake URL in the address bar.

    The solution are - type in the address manually (http://www.paypal.com), change to a better browser (e.g. Mozilla - http://www.mozilla.org/) or view the SOURCE of every document you get like this.
    Innovative advertising with Slimeware Corporation and Telephore. Mail-order fuel with Petrol Direct.

  10. #10
    Intergalactic Trader IGshop's Avatar
    Join Date
    January 18th, 2005
    Posts
    87
    Forward the email to spoof@paypal.com. That's what I do with mine and received a nice little acknowledgement.

    Jim

  11. #11
    Full Member
    Join Date
    January 18th, 2005
    Posts
    247

  12. #12
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,540
    Yeah, I made a similar post a while back. The spoofing is actually quite sacry. The hyperlinks indicate that it will take you to paypal.com. And in the event my testing, it actually landed on a paypal.com domain somehow. Unless it was a paypa1.com (l=1) that I misread the domain...

    I reported this to Paypal and a few days later the landing page gave "could not find server" error. Paypal must have shut them down. But I am sure they wil be back and are doing this all over again.

    Gotta love these guys / gals.

  13. #13
    ABW Veteran Mr. Sal's Avatar
    Join Date
    January 18th, 2005
    Posts
    6,795
    I hate all the Spammers but at least the Spammers are trying to make some money from the spam they send, but this kind of crooks are trying to wipe your entire account if you make the mistake of replying to one of those official looking e-mails.

    Now 24hrs later, I feel better and now I know where to forward any future crooks e-mail.

    Thanks to all of you for your impute.

    Sal.
    ...

  14. #14
    Member
    Join Date
    January 18th, 2005
    Posts
    100
    I dont recommend you do ANY business with paypal. I have dealt with them before and thought it was a good, legit company...until my balance went negative 2,000 in there lol. There are lot of people who lost much more than that by sending someone tangible goods and receiving fraud payment for it and of course paypal can't do anything about it. Stop using paypal till its too late or be very careful. I HATE PayPal! check out paypalsucks.com if u dont believe me...

  15. #15
    Newbie
    Join Date
    January 18th, 2005
    Posts
    46
    Never, EVER EVER EVER, click a link located in an email if it has any relation to an account or password of any kind. It's one thing to be suprised by the complexity of these scams, but it's another entirely to actually fall for them. Always open a fresh browser window and hand type in the URL before logging in.

    Just think, once you work your way through the PayPal scam artists, you still have the crooked PayPal corporation and employees to protect your assets from.

    Regards,
    Tom

  16. #16
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    Good advice Tom. The link could also be an executable program. Yes, I always hand type in the URL. Unfortunately, as soon as these scum are shut down they are back in business. The URL registry should have some way to ban scum from getting new domains, particularly in countries making little effort to regulate anything illegal.

    I am starting to now get emails offering codiene! What's next, heroin? Why not?
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  17. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Featured: OneCall.com - Crooks?
    By isellstuff in forum ShareASale - SAS
    Replies: 4
    Last Post: February 15th, 2013, 02:25 PM
  2. SAHS Latest Spam (MyInks?)
    By Donuts in forum ShopatHomeSelect
    Replies: 4
    Last Post: February 3rd, 2006, 10:02 AM
  3. Latest Spam from 180
    By Chris - AMWSO in forum Suspicious Activity!
    Replies: 4
    Last Post: December 16th, 2004, 10:40 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •