Forum Navigation

PayPal receipt phishing scam from 3322.org

 
Post new topic   Reply to topic    Zombie Nexus Forum Index -> Security
View previous topic :: View next topic  
Author Message
NightSpirit
Site Admin


Joined: 26 Nov 2002
Posts: 2955
Location: Enfield, London, UK

PostPosted: Fri Jul 15, 2005 12:52 pm    Post subject: PayPal receipt phishing scam from 3322.org Reply with quote

Bleh! It seems no email account is safe these days. At work we have an email account soley for receiving orders. Yet today it received a reciept appearing to come from Paypal for a very expensive and unwanted item. A quick check of the source indicated that it it was clearly a phishing scam - where someone spoofs information from a bank or other intenet site and attempts to get the receipient to click on a link in the email (which takes the user to a site that looks like the targeted site) or enter card/password details. Either method will enable criminals to then access your account and take money from your credit cards etc.

These evil scams no doubt fool many people as they contain images and styles linked directly to the website they are trying to spoof. This particular email we received was spoofed as a Paypal email, pulled images and css style sheets from the paypal site, but the login links went to a completely different website operated by the scammers. For example, the login link did not go to paypal.com, it went to:
www.onlinepaymentspaypaleiowoewqwrwetwrwe.3322.org
Clearly not a genuine paypal link, and a lookup on the domain shows the following:
Name: Bentium Ltd
Company: Yaako Ltd
Country: China

So obviously nothing to do with Paypal.

Unfortunatly, there are so many of these scams and still there are so many people fooled by such things Sad Therefore it seems a good idea to remind people of the following:

  • NEVER click on a link on an email to take you to a login screen, type the correct link in manually instead to ensure you go to the genuine page.
  • NEVER send your credit card details or password as a responce to an email
  • NEVER open an email attachment (unless you know the person sending AND have an up-to-date virus scanner and anti-spyware tools active.
  • Your bank, ebay, paypal etc will NEVER ask you to resupply your login, password, credit card details to "update their records". This is a scam, report it (via the contacts link on the true website for that company) and then delete it.

It's probably impossible for companies to take down these scammers so people instead need to be educated so that hopefully in the future nobody will fall for these or buy anything from spam and thus we will all stop getting them as the ccriminals dealing in such things will have no reason to continue.

Update: (FZR) I have written up a quick guide to preventing phishing here -


_________________
Whedon: We will rule over this time slot, and we will call it... "This Time Slot".

Fox: I think we should call it... your grave!

Whedon: Ah, curse your sudden but inevitable betrayal!

Fox: Ha ha HA! Mine is an evil laugh...now die!

-- Rei


Last edited on Mon Jul 18, 2005 11:12 am; edited 1 time in total

Back to top
View user's profile AIM Address MSN Messenger
NightSpirit
Site Admin


Joined: 26 Nov 2002
Posts: 2955
Location: Enfield, London, UK

PostPosted: Mon Jul 18, 2005 11:12 am    Post subject: Reply with quote

Made this an announcement for a bit since some people missed it the first time.
_________________
Whedon: We will rule over this time slot, and we will call it... "This Time Slot".

Fox: I think we should call it... your grave!

Whedon: Ah, curse your sudden but inevitable betrayal!

Fox: Ha ha HA! Mine is an evil laugh...now die!

-- Rei
Back to top
View user's profile AIM Address MSN Messenger
FraZor
Site Admin


Joined: 26 Nov 2002
Posts: 5118
Location: Enfield, London, UK

PostPosted: Wed Jul 20, 2005 11:30 am    Post subject: Reply with quote

Unstickied. It was only Gragoyle clarifying that his email was what you were describing, you can't blame him for not being as tech-literate as us and justn wanting to make sure.
_________________
Quote:"The question is not whether or not you're paranoid, its whether or not you're paranoid enough.'' Max, Strange Days
System: DFI LanParty UT NF4-Ultra, Athlon64 X2 4400+, GeForce 7800GTX 256Mb, 2Gb Corsair XMMS3500C2PRO, Creative X-Fi.
Back to top
View user's profile
FraZor
Site Admin


Joined: 26 Nov 2002
Posts: 5118
Location: Enfield, London, UK

PostPosted: Fri Aug 26, 2005 11:20 am    Post subject: Reply with quote

I have written up a quick guide to preventing phishing here -


_________________
Quote:"The question is not whether or not you're paranoid, its whether or not you're paranoid enough.'' Max, Strange Days
System: DFI LanParty UT NF4-Ultra, Athlon64 X2 4400+, GeForce 7800GTX 256Mb, 2Gb Corsair XMMS3500C2PRO, Creative X-Fi.

Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic    Zombie Nexus Forum Index -> Security All times are BST
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum

ZBN Codebase (version 3.4.6)
Copyright © 2001 - 2009 Fraser Pearce & Graeme Wheeler. All Rights Reserved.
All trademarks and logos are the property of their respective owners.

Powered by phpBB © 2001, 2005 phpBB Group
Enhanced by these phpBB Mods and Hacks