e-mail PayPal Warning...

Discussion in 'Community' started by Macs R Us, Oct 17, 2004.

  1. Macs R Us macrumors 6502

    Joined:
    Mar 8, 2004
    Location:
    Here on My Mac(s) in my house in the USA!
    #1
    I just found out that there is a person doing BIG e-mails that try to get your PayPal password and your info... This is the e-mail going though geocities, g-mail, and Hotmail... I have got 2 of theses... Please don't use it...Below

    ________________Start of the e-mail _____________________
    is the result of your feedback form. It was submitted by
    (AP9V9M@aol.com) on Sunday, October 17, 2004 at 02:45:28
    ---------------------------------------------------------------------------

    : Dear Paypal customer,we are sorry to inform you that we are having
    problem's with the billing information on your account.
    We would appreciate it if you would go to our website and fill out the
    proper information that we require to keep your account
    active

    Please Update your account information by visiting our updates web site
    below.

    http:\\r.aol.com\cgi\redir-complex?url=http://get-me.to/update

    We are here to serve you
    Steve Johnson.
    Billing Updates Center
    Account Updates Team.
    2004
    http:\\r.aol.com\cgi\redir-complex?url=http://get-me.to/update
    DJ49JU<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>CFW6SK

    ---------------------------------------------------------------------------

    Confidentiality DisclaimerThis email and any files transmitted with it
    may contain confidential and/or proprietary information in the
    possession of Phoenix Health Care Management Services, and is intended only for
    the individual or entity to whom addressed. This email may contain
    information that is held to be privileged, confidential and exempt from
    disclosure under applicable law. If the reader of this message is not the
    intended recipient, you are hereby notified that any unauthorized
    access, dissemination, distribution or copying of any information from this
    email is strictly prohibited, and may subject you to criminal and/or
    civil liability. If you have received this email in error, please notify
    the sender by reply email and then delete this email and its
    attachments from your computer. Thank you.

    +++++++++++++++++++++++++++++++++++++++++++
    END OF E-MAIL

    I'm doing this to help out my fellow Mac users... Just an FYI To save some ones money...
     
  2. Macs R Us thread starter macrumors 6502

    Joined:
    Mar 8, 2004
    Location:
    Here on My Mac(s) in my house in the USA!
    #2
  3. MacFan25863 macrumors 6502a

    MacFan25863

    Joined:
    Jun 20, 2004
    #3
    Anyone who believes the folowing text (which is shown when one first visits the site) deserves to be scammed:


    I mean, please. A huge corp. like Paypal isn't going to put in so many grammar and spelling mistakes :rollseyes:
     
  4. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #4
    :rolleyes:

    The standard rule for these things...if you're scared, go directly to the homepage of the company involved -- if its for real, you'll see it mentioned there. But of course, never click through on the link in the e-mail.

    BTW, it seems a lot of the times like the link looks legit or almost legit -- I couldn't find any copies of this in my trash box, but I seem to remember that it actually looked like the link was back to paypal when I got it. Is there a way to disguise it?
     
  5. Kwyjibo macrumors 68040

    Kwyjibo

    Joined:
    Nov 5, 2002
    #5
    Sadly these emails are all too common and will continue until they stop working, you're not the first and probably won't be the last to get one.
     
  6. stevehaslip macrumors 6502a

    stevehaslip

    Joined:
    Apr 30, 2004
    Location:
    The Ocean Floor
    #6
    Thanks for the warning, i wouldn't give out my details to anyone anyway! its like giving away free money!

    on the off chance, i'll ask... Is anyone giving away any free money??? :D
     
  7. Doctor Q Administrator

    Doctor Q

    Staff Member

    Joined:
    Sep 19, 2002
    Location:
    Los Angeles
    #7
    That's called phishing. It's dirty business, used for credit card fraud and identity theft, but unfortunately it's effective. Thousands of people obediently go to web sites that look official, but aren't, and fill in their name and credit card information. The Citibank scam is probably the best developed one so far.

    Sometimes the phishers use domain names that are close to the real company's domain name. Sometimes they use redirection, as the one you quoted does.

    http:\\r.aol.com\cgi\redir-complex?url=http://get-me.to/update

    Notice the top-level domain. The victims are sending their credit card number to somebody they don't know who registered in the Kingdom of Tonga.

    For more information about phishing and the common scams, see the Anti-Phishing Working Group.
     
  8. King Cobra macrumors 603

    Joined:
    Mar 2, 2002
    #8
    I'm bored, and my Fastmail account is growing cobwebs, so scam me there. Actually, you should be scammed...not everyone knows every single scam email. C'mon, I once fell for those false eBay emails with the multiple <br> tags and the broken link...it also said to fill out information in 5 days before account termination. After contacting someone else directly, I was told to send nothing from the email.
     
  9. Duff-Man macrumors 68030

    Duff-Man

    Joined:
    Dec 26, 2002
    Location:
    Albuquerque, NM
    #9
    Duff-Man says...whenever I get those I report them - in this case I would fwd to spoof@paypal.com and also run the message through SpamCop so the originating ISP(s) get notified as well - they *do* take these seriously (most of them anyway).....oh yeah!
     
  10. dethl macrumors regular

    Joined:
    Aug 28, 2002
    Location:
    Austin, TX
    #10
    These guys leave lots of clues....

    The .to is a front to forward data from a DSL connection. I tracerouted 69.211.56.228, and i get:

    adsl-69-221-56-228.dsl.chcgil.ameritech.net

    EDIT: Another traceroute I did just now no longer has the ameritech.net DSL name resolution.
     

Share This Page