cancel
Showing results for 
Search instead for 
Did you mean: 

Phishing - a fairly good one to beware of

N/A

Phishing - a fairly good one to beware of

I can see the toolbar warning in IE, but not in Firefox, have downloaded both extensions,
11 REPLIES
N/A

Phishing - a fairly good one to beware of

This one doed not have the usual sense of urgency asociated with these scams, so I thought I'd paste it here as a warning:

>

Dear Gordon,

We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address.
If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. However, if you did not initiate the log ins, please visit PayPal as soon as possible to change your password:
https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run
Changing your password is a security measure that will ensure that you
are the only person with access to the account.
Thanks for your patience as we work together to protect your account.

Sincerely,
PayPal
----------------------------------------------------------------
Please do not reply to this e-mail. Mail sent to this address cannot be
answered. For assistance, log in to your PayPal account and choose the
'Help' link in the header of any page.
PayPal Email ID PP321

>

Note the bit that says "If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you."
Why, you may think, would a scammer want to give you a reason *not* to click the link? Must be real, mustn't it?
That's exactly what they want you to think, thus lulling you into a false sense of security.
Needless to say, the link isn't to Pay-Pal, it's to
http://200.78.247.207/.secure/uk/cgi-bin/webscr_cmd=_login-run/
(might not be there by now, I reported it a few hours ago)
and, surprise, surprise, when you enter "scammers@aol.com" as your e-mail address and "cobblers" as your password, it accepts these and takes you to a "security measures" page where you have to enter your card details. Shocked :lol:
N/A

Phishing - a fairly good one to beware of

that one again, thanks for the heads up mate

did you also forward it to spoof@paypal.com they appreciate having these sent to them!
N/A

Phishing - a fairly good one to beware of

"did you also forward it to spoof@paypal.com"

No - I just filled in the online form at https://www.paypal.com/ewf/f=pps_spf with the details.

Good thinking though - forwarding it to the spoof addy would give them the headers which may be of use to them, so I'll do that too as soon as I've had my morning wander through the PlusNet forums. Smiley

(Edit)
Now done - that got a (presumably automated) response, which filling in the report form didn't, so looks a better bet - cheers.
I see that the site is still there though - anybody any good at hacking?
Can we replace the front page with one that says:
"If you got here, you're just the person that I'm looking for. I am so broke at the moment that poor me is having to travel second-class on the trains instead of first-class. This is really degrading - please help to restore my dignity by using your bank's online service to transfer not less than £1,000 to my account ..... (etc)"
N/A

Phishing - a fairly good one to beware of

Interesting how they used the ".secure" (notice the fullstop) to attempt to hide the folder from *nix and most major http/ftp deamons. Doing so would exclude it from directory listings....clever bunnies.
N/A

Phishing - a fairly good one to beware of

A good program to use is spoofstick

It displays the real URL that your browser is pointing to :-) , it's good for spotting these sorts of scams.
N/A

Phishing - a fairly good one to beware of

As PlusNet has unlimited email addresses I have a special for Paypal. I have never yet received an email there purporting to be from Paypal, though plenty to other addresses. I delete all Paypal emails from other than my Paypal address.
N/A

Phishing - a fairly good one to beware of

well I just installed spoofstick and clicked on the alleged spoof phishing link and it connected to Pay Pal and spoofstick said "You are connected to Pay Pal"
has anyone else tried it. either it is a paypal connection or spoofstick does not work. any further reports would be of interst to us all I am sure
N/A

Phishing - a fairly good one to beware of

i have installed spoofstick, and clicked on the link, what does it do, how does it tell you, because I get nothing lol, more likely something I am doing something wrong lol
N/A

Phishing - a fairly good one to beware of

Read the installation and useing spoofstick on its website
N/A

Phishing - a fairly good one to beware of

Some confusion here, methinks.

There are two links in my original message.
The first one is the one that was *displayed* in the e-mail - if you click that you will indeed get a genuine PayPal page, because I have simply typed the link as it appeared.
The second one is the site that the disguised link *actually led to* when you clicked it. If you click that, you get nothing, because PayPal had that dud site taken down.
N/A

Phishing - a fairly good one to beware of

robynfali - don't know if this helps, but ....

It may depend on what theme you're using, but I seem to remember that when I first put Spoofstick in Firefox, apart from the usual thing of having to restart the browser for it to install, I also had to use View>Toolbars>Customise to drag it onto the toolbar - it didn't put itself there automatically.