Page 1 of 2 12 LastLast
Results 1 to 25 of 26
  1. #1
    A Real *and* Darn Cool Member! lstolze's Avatar
    Join Date
    March 23rd, 2005
    Posts
    822
    Exclamation 'New' Phishing Tactic?
    Just wanted to give a heads up on this:
    ---------
    Dear Paypal User,

    You have added atv1buy@yahoo.com as a new email address for your PayPal account.

    If you did not authorize this change or if you need assistance with your account, please contact PayPal customer service at:

    http://www.paypalonlineupdate.com/in...cmd=_login-run

    Thank you for using PayPal! The PayPal Team

    Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the header of any page.

    ------------------------------------
    PROTECT YOUR PASSWORD

    NEVER give your password to anyone and ONLY log in at
    https://www.paypal.com/.Protect yourself against fraudulent websites by opening a new web browser (e.g. Internet Explorer or Netscape) and typing in the PayPal URL every time you log in to your account.

    -------------------------------------

    PayPal Email ID PP75001
    ----------

    If you check the domain of the url it tells you to go to, it was just registered to this guy in California on the 22 of June. I never received one of these Paypal phishes before, so I wanted to share.
    ~Lisa - Brilliant Mastermind, or Nut? You decide!

  2. #2
    Plazan Merchant Neil's Avatar
    Join Date
    February 25th, 2005
    Location
    cyprus
    Posts
    1,764
    thanks for info Lisa.
    Find us at shareasale.com 12% commission
    Shareasale Merchant 7191
    PLAZAN SKIN CARE As seen on TV . Used by Jennifer Lopez

  3. #3
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    I've gotten a few of those lately. Some have variants as to what personal info was changed, but they all mention some specific change like that.

    There's another scam I've seen recently that sends emails on a schedule, as in:
    (Email 1) Please confirm your paypal account details
    (Email 2) Pending paypal account deactivation. Confirm your details within 48 hours...
    (Email 3) URGENT! Confirm your paypal details within 24 hours to avoid deactivation!
    (Email 4) (subject) Paypal Account Deactivation Notice (email body) Confirm your account details to reactivate your account...

    I'm also seeing similar emails to those, and the one Istolze got, pretending to be from eBay. It's either the same phisher, or one of the crooks is a copycat...
    There is no knowledge that is not power. ~Hemingway

  4. #4
    15 years and counting
    Join Date
    January 18th, 2005
    Posts
    6,121
    I deleted two of them this morning (pending PayPal deactivation) and an other one is coming.
    (subject) PayPal Account Security Measures
    We recently noticed an attempt to log in to your PayPal account from a foreign IP address and we have reason to belive that your account was used by a third party without your authorization.

    With 2 or 3 a day, it's no more phishing, it's spam.

  5. #5
    ABW Ambassador buy_online's Avatar
    Join Date
    January 18th, 2005
    Location
    Richmond, VA
    Posts
    3,234
    Nice.

    I have also been hit recently by bunches of emails addressed to various (non-existent) users at one of my sites. All of the emails say something like "Account suspended" and have this wonderful 40K attachement

    Thank you Lisa !

    Fred

  6. #6
    Affiliate Manager Allen Nance's Avatar
    Join Date
    January 18th, 2005
    Location
    Colorado River, Bullhead City AZ
    Posts
    1,604
    I always forward them to mailto:abuse@paypal.com along with the header information so they can get the server closed down asap. Crying shame that the perps continue to pull this poop on unsuspecting drooling internet users.

    Poopie don't play that!

  7. #7
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    I've forwarded quite a few to abuse@paypal.com (yeah, even I have to agree that some things do need narking on ), but I'm never sure that the headers are going along with them. Do you (or anyone) know how to make sure Outlook Express sends that info?

    (Anti-MSers: No I'm not going to quit using OE )
    There is no knowledge that is not power. ~Hemingway

  8. #8
    "An Englishman In New York" TJ's Avatar
    Join Date
    January 18th, 2005
    Posts
    3,282
    Quote Originally Posted by Leader
    Do you (or anyone) know how to make sure Outlook Express sends that info?
    If you save them up and FORWARD multiple messages at a time, all headers will be included

    I send mine to spoof@payal... is abuse better? I really don't want their "Yes this IS a spoofed email" replies
    Rosey Bear Boutique
    Dressy Children's Fashions With Style!
    5% Commission : NYS Merch : Parasite FREE
       Akoss Hosting
    We also provide reseller accounts for ABW members.
    Ask for details


  9. #9
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    Thanks for the tip. Next time I'll send 'em a whole batch at once.

    I send mine to spoof@payal... is abuse better? I really don't want their "Yes this IS a spoofed email" replies
    Oh...

    Sorry, it was indeed spoof@paypal that I had sent mine to. When I saw the other address (abuse@) my mind instantly forgot that for paypal it's "spoof..." (That's usually what happens when I type at this time of day. I should be asleep, but I got into messing with a new program...)

    So I'll leave the question of whether "abuse" is better for Poopie to answer...
    There is no knowledge that is not power. ~Hemingway

  10. #10
    15 years and counting
    Join Date
    January 18th, 2005
    Posts
    6,121
    I must say I don't forward anything now. I did it at the beginning but there's way too many. Two more just came in.
    PayPal Flagged Account
    If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. Therefore, if you are the rightful account holder, click on the link below to log into your account and follow the instructions.

    Never seen this one before
    PayPal Billing Service (TOS) Violation or Future Billing Problems
    We are currently performing regular maintenance of our security measures. Your account has been randomly selected for this maintenance, and you will now be taken through a series of identity verification pages.

  11. #11
    notary sojac Herb ԿԬ's Avatar
    Join Date
    January 18th, 2005
    Location
    Central/Western NY State
    Posts
    7,741
    Quote Originally Posted by buy_online
    Nice.

    I have also been hit recently by bunches of emails addressed to various (non-existent) users at one of my sites. All of the emails say something like "Account suspended" and have this wonderful 40K attachement

    Thank you Lisa !

    Fred
    and that one's a virus

  12. #12
    Moderator MichaelColey's Avatar
    Join Date
    January 18th, 2005
    Location
    Mansfield, TX
    Posts
    16,232
    I just got a new phishing email that wasn't as obvious:

    Question from eBay Member -- Respond Now

    eBay sent this message on behalf of an eBay member via My Messages.

    Responses sent using email will not reach the eBay member. Use the Respond Now button below to respond to this message.

    Question from andymac54


    Hello,

    I recently placed a bid on item#5594867578 being a wheelchair for me that i really need do to my age(87 years old) and it seems that i can not find the auction anymore...May i please know if you are the seller of the item above?
    Regards,


    Gretta.

    Respond to this question in My Messages.

    Thank you for using eBay!
    The email was formatted very similar to the eBay message from a member (but was lost when I copied it here). The link (which I removed) was to a Russian site that looked just look the login page for eBay. The email was sent to an address that isn't registered at eBay and SpamNet sent it to my spam folder, so it was pretty obvious to me, but I could see how many people would be suckered in. Who wouldn't help an 87 year old?
    Michael Coley
    Amazing-Bargains.com
     Affiliate Tips | Merchant Best Practices | Affiliate Friendly? | Couponing | CPA Networks? | ABW Tips | Activating Affiliates
    "Education is the most powerful weapon which you can use to change the world." Nelson Mandela

  13. #13
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    With 2 or 3 a day, it's no more phishing, it's spam.
    Ahem to that! I'm getting over 500 a day now at least. I'm actually filtering them to a separate mailbox now so it's easier for me to quickly scan them and pick out legit emails from PayPal before I hit the nuke button. I don't even bother to open them anymore nor forward them to PayPal with the quantity I'm receiving. But some of them are very clever now and really look like legit emails from PayPal or Ebay. The one good thing about Eudora is that when you mouse over a URL in an email, if the destination URL doesn't match the text for the URL in the email it gives you a warning and shows what the real destination URL will be. That's a nice feature.

    There really are some sick campers in this world.

  14. #14
    Newbie
    Join Date
    May 21st, 2005
    Location
    Western Australia
    Posts
    24
    spoof@paypal.com will not accept attachments or 'forward as attachment' so you have to forward them one at a time. I do this in the hope someone somewhere will get caught

  15. #15
    "An Englishman In New York" TJ's Avatar
    Join Date
    January 18th, 2005
    Posts
    3,282
    Quote Originally Posted by Kellie aka Ms. B
    Ahem to that! I'm getting over 500 a day now at least.
    I've noticed since I started using eBay/Paypal more frequently I have been getting more of these, and even some to my dedicated addresses.... I think some of these kids figured out some header fishing!
    Rosey Bear Boutique
    Dressy Children's Fashions With Style!
    5% Commission : NYS Merch : Parasite FREE
       Akoss Hosting
    We also provide reseller accounts for ABW members.
    Ask for details


  16. #16
    Full Member asr_guy's Avatar
    Join Date
    June 12th, 2005
    Location
    Canada
    Posts
    310
    One way the PayPal phishers find you
    I am convinced that one way they find you as a target is they spider the web looking for those Paypal payment buttons. I have one on my site to "make a donation" and less than 2 weeks after I put it up I started getting PayPal phishing emails - about one per day.

    I think they have it all automated and just phish all the email addresses they can harvest off your site.

    I'm not paranoid - I know they are out there watching

    Cheers,
    Peter

  17. #17
    "An Englishman In New York" TJ's Avatar
    Join Date
    January 18th, 2005
    Posts
    3,282
    I agree for the Paypal accounts, safest bet there is to make encrypted buttons. But my eBay email has only been shared with customers and eBay
    Rosey Bear Boutique
    Dressy Children's Fashions With Style!
    5% Commission : NYS Merch : Parasite FREE
       Akoss Hosting
    We also provide reseller accounts for ABW members.
    Ask for details


  18. #18
    A Real *and* Darn Cool Member! lstolze's Avatar
    Join Date
    March 23rd, 2005
    Posts
    822
    Quote Originally Posted by asr_guy
    I am convinced that one way they find you as a target is they spider the web looking for those Paypal payment buttons. I have one on my site to "make a donation" and less than 2 weeks after I put it up I started getting PayPal phishing emails - about one per day.

    I think they have it all automated and just phish all the email addresses they can harvest off your site.

    I'm not paranoid - I know they are out there watching

    Cheers,
    Peter
    In my case it was sent to an email that I only use for a couple things - so they were certainly just trying to phish me out - no paypal buttons or email farms for this email addy.

    I haven't seen that ebay one yet. That's original! Gotta give 'em A for uniqueness.
    ~Lisa - Brilliant Mastermind, or Nut? You decide!

  19. #19
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    718
    Another angle
    A new one that I've seen recently is the email indicating that you have received a PayPal payment.

    This one has lots of text explaining how you can avoid PayPal fraudsters which is, of course, bull hockey intended to lull you into a false sense of security.

    Click on the hyperlink 'View details of this payment online and you are, of course, diverted to a copy of the PayPal login page asking you to login with your prized account details.

    Do they think we are stupid?

  20. #20
    Super Sh!t Stirrer SSanf's Avatar
    Join Date
    January 18th, 2005
    Posts
    9,944
    Quote Originally Posted by microdot
    Do they think we are stupid?
    Yes.
    Comments are opinion unless otherwise noted. Remember, pillage first. Then burn. Half of all people in the world have IQs under 100. You best learn to trust ol' SSanf!

  21. #21
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    I don't think it's necessarily a matter of being stupid. They have gotten much more sophisticated with these scams. My Mom had her Ebay account compromised yesterday. She is aware of phishing emails. She forwards them to Ebay all the time. She just got snookered. It was sent out as a promotional email from Ebay about being a Power Seller. Luckily she was online when the person started listing under her account within 20 minutes or so. Ebay called her and said the Power Seller email was the latest thing that had just came up.

    I know some of the PayPal ones make me look real hard to figure out if they are legit from PayPal or not. It's not so easy to pick them out these days.

    Personally, I think Ebay and PayPal need to never put a click link in ANY of their emails. ANYTHING they send you will show up in your account when you log in. In fact the guy from Ebay told my Mom last night to NEVER click a link on an email, even buy/sell notices. So if that's the case, they need to never have a click link in their emails. Just give you the info and tell you to log into your account by direct type-in to view the information. With a disclaimer that all official emails from them will never have a link to click. Seems that would go a long way to solve this problem.

  22. #22
    Moderator MichaelColey's Avatar
    Join Date
    January 18th, 2005
    Location
    Mansfield, TX
    Posts
    16,232
    Usually, the biggest giveaway is personalization. Official emails will always have your name in them. Phishing scams almost never do.
    Michael Coley
    Amazing-Bargains.com
     Affiliate Tips | Merchant Best Practices | Affiliate Friendly? | Couponing | CPA Networks? | ABW Tips | Activating Affiliates
    "Education is the most powerful weapon which you can use to change the world." Nelson Mandela

  23. #23
    Outsourced Program Manager Jorge - SHOPiMAR's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    3,550
    I got scared about this one. Never seen them send a greeting card before.

    Has anyone received this one?

    Received on 7/1/05

    ===========
    Dear Jorge Ramirez,

    A special 4th of July greeting card awaits you!

    You can view your message at: godaddy.com/gdshop/holiday/independence2005.asp?isc=gdg0701grt

    Happy 4th of July -- Enjoy!

    Sincerely,

    GoDaddy.com(R)
    ===============

    You can dare to add the www and try it yourself, at your own risk.

  24. #24
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    I've opened a musical greeting card once with the required viewer installing a trojan and other malware back in 2002. Never opened a greeting card since...and never will again. That type of socially engineered freebee can kiss my butt. Ms.B has the perfect solution for PayPal. merchant order notifications and eBay alerts. The official ones should never have a web link in them.

    This is organized cybercriminals ...not some pranksters.
    Webmaster's... Mike and Charlie

    "What have you done today to put real value into a referral click...from a shoppers viewpoint!"

  25. #25
    Kung Fu Master Eathan's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,833
    As far as I know spam@uce.gov is still looking for phishing scam emails.

    -----

    jrami, godaddy sends everything they can think of (more every frickin' day), including greeting cards, so I wouldn't stress that one. Just logging in seems to generate 6 more emails from them these days...

    I'm getting sick of godaddy. Just the other day I registered a new domain and they added 2 years of hosting for another domain I own to my cart without asking! The sea of skips and upsell avoidance is bad enough, but this one had no warning, just $60+ sitting in my cart! I change a DNS setting - email, I unlock a domain - email, I lock it again - email, I call tech support and it's one long upsell - on my dime! Consider the greeting card just one more spam smelling straw that godaddy keeps heaping on.

    They'll be losing my business soon...
    Eathan Mertz

    Black Cat Mining - Gold Prospecting & Rockhounding Equipment

+ Reply to Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Is this a Sneaky Merchan Tactic?
    By janew in forum ShareASale - SAS
    Replies: 1
    Last Post: October 25th, 2013, 11:58 AM
  2. Save on Summer Fashion with Tactic
    By ETemple-AffiliateWindow in forum Promotions, Sales, and Coupons on Affiliate Window
    Replies: 0
    Last Post: June 15th, 2012, 10:21 AM
  3. Gadget Universe Amazing Tactic
    By redsand in forum Commission Junction - CJ
    Replies: 5
    Last Post: November 1st, 2003, 02:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •