共用方式為


Deep C Phishing: PayPal Security Notice Fraud Alert....

Just a few minutes ago - I was almost "Phished". I received an email at one of my personal email accnt with the title.

PayPal Security Notice ID #352928679 - Identity Confirmation Request from service@paypal.com

A near-perfect Phish - since I was expecting a paypal payment from a friend anyday now and knew I would get an email from this address. And the link takes you to a very pay-pal looking website too. And being a paypal user for over 4 yrs for nearly 100 transactions so far - this is quite intimidating.

A Simple google confirmed that this was indeed a Phish - see here for details

Yes - I realise I did a NEO dodging this bullet - but seriously I had some help. No not from a Morpheus guy - but just recently I had changed my Paypal login to a different accnt than the accnt I got the email in. The rest is - oh well, Elementary Dear Watson.

Comments

  • Anonymous
    July 14, 2005
    I've received this email a few times. I was immediately able to find that it was 'phising' because i never have a paypal account!!! Of late, i've been receiving similar fraudulous emails from people calling themselves as 'ebay.' Even though i've an ebay account, it was easier to find out!
  • Anonymous
    July 14, 2005
    Yea Balaji - You should see the Phishes from Citibank. They are super-authentic.
    Thankfully they expected me to login to the website and do some edits - which was wierd for a Bank Accnt.

    But for Paypal - its quite normal in terms of operations - which is what could make this quite successful.
  • Anonymous
    July 14, 2005
    The comment has been removed
  • Anonymous
    July 14, 2005
    The comment has been removed
  • Anonymous
    July 14, 2005
    I had rec'd a washington mutual email once about abormal activity on my account and a call to login from the link in the email and verify information. Of course I had no WAMU account personally, but being curious I followed the link and eventually got to the page and tried to disassemble it. Here are somethings I observed -
    1.) Exact copy of the WAMU page including the source (well almost exact), hosted on some strange webserver.
    2.) No lock icon or hosting on https: (this is normally the dead give-away)
    3.) Almost all links except one, direct you to other WAMU pages (which are asp pages BTW)
    4.) The main "login" link leads you to some unknown php page.
    Smart eh ? But using an ordinary non-techie person as an example, it is easy to see how one would fall for these scams.