|
#1
January 7th, 2004, 12:00 PM
| ||||
| ||||
| One *doozy* of a PayPal scam! I got an email from service@paypal.com to my Hotmail account and though, hey wait a second, I don't use this account with PayPal. Then I opened the page, which had an HTML link that was different from the text link (the text link looked valid: ""). It looked kosher until the part about the ATM PIN and the part requesting online banking credentials... :P Check this out: http://www.paypal.com-webscr-cmd-acc...ixhosting.net/ I reported it to PayPal/eBay already...
__________________ michaelsanford.com Blog Twitter Tumblr LinkedIn iMac Aluminum 24" | MacOS X 10.5-current | 3.06 GHz Intel Core Duo | 4 GB RAM | 1 TB HDD iBook G4 1.42 GHz | MacOS X 10.5-current | 1 GB RAM, 100 GB HDD AMD Athlon64 3500+ | Slackware 12 (2.6.21.5-smp) | 2 GB RAM, 2120 GB RAID 1, 2500 GB RAID 0  |
|
#2
January 7th, 2004, 01:25 PM
| ||||
| ||||
| Yeah that happened to my dad also, except he got the email on his correct adress.
__________________ * iMac G4 running 10.3.4 My iChat Screenname: zxyRobertzxy (aim) Last edited by bobw; January 7th, 2004 at 05:36 PM. |
|
#3
January 7th, 2004, 05:27 PM
| ||||
| ||||
|
__________________ 13" MacBook - 2GHz. 2 GB RAM. OS 10.4.7 12" iBook - 500 MHz. 640 MB RAM. (R.I.P.) TannerSite.com |
|
#4
January 7th, 2004, 06:18 PM
| ||||
| ||||
| Well, for such a worthy cause sure! =P
__________________ michaelsanford.com Blog Twitter Tumblr LinkedIn iMac Aluminum 24" | MacOS X 10.5-current | 3.06 GHz Intel Core Duo | 4 GB RAM | 1 TB HDD iBook G4 1.42 GHz | MacOS X 10.5-current | 1 GB RAM, 100 GB HDD AMD Athlon64 3500+ | Slackware 12 (2.6.21.5-smp) | 2 GB RAM, 2120 GB RAID 1, 2500 GB RAID 0 |
|
#5
January 7th, 2004, 08:16 PM
| ||||
| ||||
| Yes, the clincher in that URL is the %00@ part. That bit means that the URL after the symbols is the real host, and is simply passing itself off as the URl before it. IE for Windows hides everything after those symbols, so people who get those emails think it's legitimate, which it wouldn't be anyway if it's asking for your PIN number. There was an article in the Currents (read: Tuesday Life) section of our paper yesterday about this very kind of scandal, called phishing. The guy got an email purporting to be from Citibank asking for verification of his email address. Fortunately, he was smart enough to recognize the signs of fraud, but many others aren't so lucky.
__________________ System: 2.5 GHz MacBook Pro Core 2 Duo, 4 GB RAM, 200 GB hard drive, runs 10.5.4 1.6 GHz iMac G5, 1.5 GB RAM, 250 GB hard drive, runs 10.4.11 iPhone, 4 GB, OS X 2.0.2 |
|
#6
January 7th, 2004, 08:50 PM
| ||||
| ||||
| And because internet explorer is a completely crippled browser that won't be seeing a real update until 2006 (if even) when longhorn comes out, we are stuck dealing with these scams for years. Plus IE sucks!
__________________ iMac G3 600Mhz, 256MB RAM, 40GB HD, 10.3.5 20GB iPod (Click Wheel) w/ Griffin iTrip // AIM:kjell05 |
|
#7
January 8th, 2004, 12:03 AM
| ||||
| ||||
| Arden, thanks for the insight, I was trying to figure out how it had a seemingly fully qualified domain name ending in .com but not point to that server...cool.
__________________ michaelsanford.com Blog Twitter Tumblr LinkedIn iMac Aluminum 24" | MacOS X 10.5-current | 3.06 GHz Intel Core Duo | 4 GB RAM | 1 TB HDD iBook G4 1.42 GHz | MacOS X 10.5-current | 1 GB RAM, 100 GB HDD AMD Athlon64 3500+ | Slackware 12 (2.6.21.5-smp) | 2 GB RAM, 2120 GB RAID 1, 2500 GB RAID 0 |
|
#8
January 8th, 2004, 01:04 AM
| ||||
| ||||
| So far this "Phishing" bug only affects users of MS IE, and this has been discussed as a security issue for months, with several IT security consultancies placing pressure on MS to fix it. Still, no go.
__________________ - iMac G5 1.8GHZ 17" | SuperDrive | 160GB | 512MB | Airport Extreme | Bluetooth Keyboard & Mouse | Wacom Intuos II - Pentax *ist DL - JVC MiniDV Camcorder - Airport Express - iPod Nano 1gb white |
