Date Reported 17th January 2005
Apparent Sender PayPal
Return Address PayPal < service@paypal.com >
Subject PayPal Account Protection
Format HTML
Method Spoof email links to a spoof webpage where victim is prompted to enter their details believing the site is genuine. Details are then forwarded to a local script and captured.
Bogus Web Content? Yes
URL of web content http://www.gummygrins.com/site/hgdas676bsda6gwcv7zfcwfcwf34gfwf23g235f134f3fg3f&bhdfahva685
32hbhwsupdateISAPI.dllPaymentLanding&ssPageName=hhpayUSf&=userhgads&secure&ssl7r2vbd7d888.html
RISK LEVEL MEDIUM
WARNINGS 1. Email claims to be from PayPal asking you to confirm your account data by clicking on the link. You will be taken to a spoof login page where your details will be captured by the phishers.
2. PayPal never send users emails requesting details in this way.
3. URL of spoof website very obviously not PayPal.
4. URL disguised as https://www.paypal.com/cgi-bin/webscr?cmd=_login-run . Looks secure (https), but isn't!
5. Website traced to Texas, USA
6. Website not online at time of report, but likely to resemble the real PayPal login page when active.
" Dear valued PayPal ® member: PayPal ® is committed to maintaining a safe environment for its community of buyers and sellers."
If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.
|
