PayPal phishing - another tactic

I'm posting this in General Discussion for now since I know many don't peruse Computer Talk at unless they have computer problems (or they're just geeks like Howie and me).

I received a phishing attempt from someone pretending to be from PayPal today. That's nothing new, but this one had a little different slant to it and may dupe people who aren't used to fielding these fraudulent e-mails. here's the text from the e-mail I received. I've put spaces in the relevant URL's so they don't automatically hyperlink.

It looked official enough to fool someone not on the lookout for fraud mails, but one thing I noticed right off - aside from the fact that my name was not anywhere in the e-mail - was the URL they posted. While it displays as
htt ps: // ww w. paypal. com /us/wf/f=ap_email (spaces added), what that link actually points to is something else altogether: http: // ww w.google. co.uk/url?sa=U&start=4&q= http:// 211.21.82.91/ java/index.php

They're routing access to their page through Google. Looks like there's javascript involved, possibly something which preys on security holes in vulnerable systems. In a word: Don't go there!


Just wanted to post this as a heads-up in case you've not seen these latest phishing mails.

Good going!

Thanks GW.

(Wow...so many new scams popping up all the time!)

I got the same one and forwarded it to some spoof email site that will list all forms of the letter so that others will see what it looks like and AVOID!
Thanks GW that is a great help and to remember that paypal will never ask for personal information in an email and will always address you by name if they do email you.
Ebay spoof mail is out there too (got a few of each) do not open it just delete it the same holds true for them!
Thanks again GW

thanks GW, for another phish alert. I would just like to slap those folks that create such a hassle with their computer knowledge!!!

People that have the knowledge and skills to figure something like this out also have the abilities to get a GOOD paying job. I don't understand why they feel the need to try to steal, instead of seeking employment that will pay them well to do some constructive work.

Those that are coming up with these scams are no dummies. They are very smart. Why don't they put those brains to a constructive use?

I think that's the million dollar question of the decade.

I got very similar ones yesterday and today, for the first time. I'd heard of this scam 6 months ago, but didn't realize it is an evolution of scams, being recreated in different forms, different types of emails.

The one yesterday said it needed to update my account, and asked for me to click a button to update my information. HELLO!!!!!! I don't even HAVE a paypal account! It is sad this happened 6 months ago and now is happening again. I hope they don't find too many victims.

I got this one too, about a month ago.

The first thing I did was go directly to PP on my own (opened new browser window) and checked my account...whew....no new email addresses, so I forwarded it to spoof@paypal.com, too. (I can't help but wonder, though....if that really does any good?!)

I'm with you, JoanJ....if they're that savvy...why don't they put their talents to *good* use?!

I sell stuff on e-bay and I get phishing attempts a couple times a week, usually from people pretending to be e-bay but sometimes from Paypal imposters, too. (E-bay and Paypal are owned by the same company.) I don't know how Paypal does it, but when E-bay wants to send you a message, they send it to your E-bay home page, not to your e-mail address.

GW, for the first time, I also got one phishing my Amazon account! I get them often about PayPal, but the Amazon one was a first... so, HEAD'S UP!

If you spoof@ any freud attempt mail it does mather. Have a good frind who works with computersecurity on banks and other big companies. they actually love to get this kind of mail because it helps them to build up securitys and firewalls. I know for a fact that this same person also love to get a hold of computerviruses for exact the same reason.
The more who sends in to spoof the bigger chans that these people finally get do do hard time, since the freadulant behavior surpasses country borders.
Janett

Janett, what's more is the majority of the originators end up being outside the US because tracing and legal rangling with foreign entities is more difficult for Americans.

yes they do tend to be from way away from the United Staes when and if they do find them. One I was told came from Singapore- Go figure
Anne

You KNOW it's fraud when you don't even have a Pay Pal account and they write you to tell you they need information to update your account. HELLO!

Yep. I get one from time to time "from" a bank at which I have never had an account.

Sorry reread my post and the last mening came out wrong.
Not only the crime goes over the borders but more and more countries are legally punishing people that makes the crimes over the borderline. I know that if a swede does this type of crime to someone lets say in US he IS GOING TO DO HARD TIME.
That goes for many sorts of crime thats made over computers and internet.
This does not only effects freud but worse crime also if its commited over the net.
I know that UK has the same ruel/law, about 10-15 years ago two teenagers in UK was convicted for hacking the US military mainframe computer from UK.
Janett

ya know, those last two emails I got regarding my imaginary Paypal account were in my junk mail (which I check - just in case a friend's went there accidentally when mass-mailing a joke). But I deleted them. Now I wish I would have reported it and sent them the link as well as attach the script. If I get another one like it, I will remember to do that. Anything else I should do?

Don't you love those junk ads that say "Karrie, claim your prize now - you have won a new widescreen hd television" or "Karrie - claim your free $2500 - no strings attached!" geeeeeez.....

The rule of thumb in our house is that you never respond to any request for personal info no matter what the pretense may be.

Daily I get requests from either:

Ebay
Paypal
Barclays Bank
Bank of America
Earthlink

And various banks that swear my account is in jeopardy unless I update my personal information. I don't even have accounts with them.

Ebay and Paypal have sent emails out stating that they would never request personal information via a email and to consider all requests as fraud.

I'd suggest everyone do the same.

Karen

Karrie20x LOL. I HATE junkmail and thank god for my emailserver, They dont let junkmail in to my mailbox at all. its only those freudmails pretending to legit that seeps through.
and I always forward those without opening them anymore.
Janett

Jannett -

I can make my email be where I don't get those emails, but I end up filtering out emails that i do want when I make it that sensitive. That i why I check my junk mail as it exists now, to make sure there aren't any from friends. Usually there isn't but once in awhile, there is.