OT: Funny Stuff from Pay Pal?

Page 1 of 3  

Two non-Pay Pal users got this notice today:
--------------------------------------------------------------
Dear Paypal Member,
We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address.
If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. However, if you did not initiate the log ins, please visit PayPal as soon as possible to change your password:
https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run
Changing your password is a security measure that will ensure that you are the only person with access to the account.
Thanks for your patience as we work together to protect your account.
Sincerely, PayPal
----------------------------------------------------------------
Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the 'Help' link in the header of any page.
PayPal Email ID PP321
---------------------------------------------------------------
So, I don't know if the above is a hoax or the real tomato but ?????
Josie
--
----------------------------------
"Once you know, you know"
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Its a criminal fraud called phishing. If you look at the text of the URL you will see that the link does not match the text of the email.
Paypal NEVER sends out messages of that type.
If you follow the link you should find that the site is down by now. Otherwise please drop me a line.
my day jod is working out how to stop this particular crime.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Phillip Hallam-Baker wrote:

Thanks from all of us then. :-)
-- Will R. Jewel Boxes and Wood Art http://woodwork.pmccl.com The power of accurate observation is commonly called cynicism by those who have not got it. George Bernard Shaw
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Phillip,
Glad to hear that there are individuals employed to chase down this type of crime. I also have gotten many of these notes within the year. I have reported these attempts to paypal, RCMP & CSIS (Canadian intelligence). I also picked up on the link being bogus. My advice to anyone is never follow the link in a email sent to them. Always go through a the www.paypal.com login screen to login and check for activity on your account. Only change account info and passwords through the main login and not from link given in an email.

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Good deal! Hope you are having some success at that endeavor.
+--------------------------------------------------------------------------------+ The absence of accidents does not mean the presence of safety Army General Richard Cody +--------------------------------------------------------------------------------+
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

The problems revolve around changing the existing infrastructure in a non-disruptive way and doing it in a fashion that won't be percieved as proprietary by any other vendors or the open source community.
scott
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Sounds cool. How do I get a gig like that? Would you benefit from copies of the current phishing attempts I get?
Dave Hinz
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Quick google search shows that Dr. Hallam-Baker is Principal Scientist at VeriSign.

I suspect he isn't fighting at the front-line, but rather trying to determine methods that would prevent such attempts from either being made or being successful.
scott

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Ah. Glad they're doing that, I didn't know they did more than site certs and security stuff. Good to have a company with all those resources actively pursuing the bad guys.

Yes, it's a challenge to find something (a) easy for the users to use, (b) unspoofable for the bad guys, and (c) likely to be _used_ to check validity of where the site pretends to be.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Their portfolio is pretty broad now, they started with certs, but now do everything from downloadable ring-tones through cell call billing, on-line credit card processing and smart-tokens for multi-factor authentication. And don't forget running .com and .net root DNS servers.

And non-proprietary.
scott
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Hi Scott,
I never got to thank you for the push sticks. They have come in very handy. I also realize that I need to get a bandsaw sooner than I planned.

Absolutely, we have more than enough people playing whack-a-mole. My job is to work out ways we can fill some of the mole-holes up with cement so that the mole-whackers have a better chance of clobbering 'em.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Hmmm
These paypal notices are hoaxes...
firstjois wrote:

HOAX HOAX HOAX
Lots of this stuff going around today. A veritable flood as it were.
I think that the woodwork groups are being farmed for addresses. (and probably all others...)
People I know are seeing 5 to 8 virus attachments a day as well as this crap.
I have looked at the code for the Paypal stuff and tracked some of the websites back to China using some of the tools I have here.
You can use web based "whois" if you are brave enough to fiddle with the messages and extract stuff. Some of these messages now have executable code in them. Exercise caution -- at the least turn off Javascript for email and newsgroups.
The 419 and Lottery scams are in high gear this last week or so.
For your entertainment - see the "Busted up Cowgirl" Link on the following page or got to the email security... http://pmccl.com/security/security.html
-- Will R. Jewel Boxes and Wood Art http://woodwork.pmccl.com The power of accurate observation is commonly called cynicism by those who have not got it. George Bernard Shaw
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Fraud.
PayPal is very explicit: they never, *ever* send e-mails that address you any other way than by your first and last name that you used when you registered.
See https://www.paypal.com/cgi-bin/webscr?cmd=xpt/general/SecuritySpoof-outside
-- Regards, Doug Miller (alphageek at milmac dot com)
Nobody ever left footprints in the sands of time by sitting on his butt. And who wants to leave buttprints in the sands of time?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Doug Miller wrote:

Hey, wait a minute Doug. Can we trust your link?? You're not phishing, are you??
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Fri, 25 Mar 2005 20:35:59 -0500, firstjois wrote:

Hoax. It's called phishing. The link goes to some chelovek in Moscow. No, I haven't seen your example, but I've gotten a few similar spams. The very best was one that purported to be from Microsoft. It was a doozy, well laid out, corporate logos, look'n'feel of MS. Be careful out there.
--
"Keep your ass behind you"
vladimir a t mad scientist com
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Fri, 25 Mar 2005 20:35:59 -0500, the inscrutable "firstjois"
--snip--

Josie, they're called "spoofs" and are hoaxes; scammers trying to get you to use your login info so they can empty your account into theirs.
======================================================= TANSTAAFL: There ain't no such thing as a free lunch. http://diversify.com Gourmet Web Applications =========================
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Larry Jaques wrote:

Thanks all! I've emailed my buddies and reported it back to Pay Pal, too. I've been using the internet for a long time but hadn't seen anything like that before. Some people really have a lot of time on their hands and pretty mean minds.
Josie
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Josie...
firstjois wrote:

You may have missed the point. :-)
This is a _big_ industry with lots of money at stake. It is worth their time -- just like good planning and execution pays off in any industry. They are not mean -- they are greedy and well financed.
Big money as in _billions of dollars_ are on the table if they can scam enough people.
Best wishes -- keep your credit cards in your wallet. LOL
And -- as I said before ... For your entertainment - see the "Busted up Cowgirl" Link on the following page or go to the email security... http://pmccl.com/security/security.html
-- Will R. Jewel Boxes and Wood Art http://woodwork.pmccl.com The power of accurate observation is commonly called cynicism by those who have not got it. George Bernard Shaw
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
WillR wrote:

[snip]
[snip]
You're right! I have trouble thinking of this kind of thing as a business.
Josie
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
firstjois wrote:

Crimony!
like
Uh, respectfully, people who have been using the internet for a long time usually know better than to email *all of their budies* about scams they get in email.
BTW, Craig Shergold got better.
--

FF


Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Related Threads

HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.