# One *doozy* of a PayPal scam!



## michaelsanford (Jan 7, 2004)

I got an email from service@paypal.com to my Hotmail account and though, hey wait a second, I don't use this account with PayPal.

Then I opened the page, which had an HTML link that was different from the text link (the text link looked valid: ""). It looked kosher until the part about the ATM PIN and the part requesting online banking credentials... 

Check this out:
http://www.paypal.com-webscr-cmd-account-verification @test200.europe.webmatrixhosting.net/

I reported it to PayPal/eBay already...


----------



## RPS (Jan 7, 2004)

Yeah that happened to my dad also, except he got the email on his correct adress.


----------



## Trip (Jan 7, 2004)

Feel free to send donations to stop that scam to the following PayPal account:

Framistan@SpyMac.com


----------



## michaelsanford (Jan 7, 2004)

Well, for such a worthy cause sure!

=P


----------



## Arden (Jan 7, 2004)

Yes, the clincher in that URL is the %00@ part.  That bit means that the URL after the symbols is the real host, and is simply passing itself off as the URl before it.  IE for Windows hides everything after those symbols, so people who get those emails think it's legitimate, which it wouldn't be anyway if it's asking for your PIN number.

There was an article in the Currents (read: Tuesday Life) section of our paper yesterday about this very kind of scandal, called phishing.  The guy got an email purporting to be from Citibank asking for verification of his email address.  Fortunately, he was smart enough to recognize the signs of fraud, but many others aren't so lucky.


----------



## mr. k (Jan 7, 2004)

And because internet explorer is a completely crippled browser that won't be seeing a real update until 2006 (if even) when longhorn comes out, we are stuck dealing with these scams for years.  Plus IE sucks!


----------



## michaelsanford (Jan 8, 2004)

Arden, thanks for the insight, I was trying to figure out how it had a seemingly fully qualified domain name ending in .com but not point to that server...cool.


----------



## symphonix (Jan 8, 2004)

So far this "Phishing" bug only affects users of MS IE, and this has been discussed as a security issue for _months_, with several IT security consultancies placing pressure on MS to fix it. Still, no go.


----------



## Arden (Jan 8, 2004)

That's an interesting way of putting it... it could "affect" anyone, depending on their level of knowledge regarding computers.  Give a pro using IE for Windows that link, where it doesn't show the real URL, and he'll be much more likely to figure out what it is than if you give a novice using someting else the link, where it does show the actual domain.

But you're right, in the technical aspect it only affects Windows IE browsers while Microsoft keeps not caring.


----------



## michaelsanford (Jan 8, 2004)

Arden, you took the words right out of my mouth. Symphonix, while the technical aspect of this only affects IE, I can just abuot guarantee you that my grandmother might very well be taken in by this, not knowing anything about URLs.

This bug is kind of stupid though, I'm surprised something that affects a user's security so blatantly wasn't fixed overnight with the addition of a message box advising the user it could be a spoofed URL, I mean, jeez...


----------



## Cheryl (Jan 10, 2004)

While some of us would be smart enough to take a closer look at the url, there will be some who would not think twice about it and fill out the form. 
I go the same email and could not remember if I even had a PayPal account, I may have several years ago. I decide to not answer that email and trashed it. 

This is just as bad as getting an official letter in the snail mail thinking it is from the government only to find out it is junk.


----------



## michaelsanford (Jan 12, 2004)

Exactly, after all, to the untrained eye, the stream of special characters in the URL could be legit.


----------



## atulperx (Feb 16, 2007)

even i received many fraud paypal emails asking me to confirm confirm money transaction . i noticed  that there are similair stories on aboutpaypal.org" you should visit there for more information .


----------



## nixgeek (Feb 16, 2007)

Welcome to NIGHT OF THE LIVING THREADS! 

Check the date on the posts before yours.  I'm sure that the interest in this topic for those posters has waned in the past 3 years.


----------

