OT: Funny Stuff from Pay Pal?

If you mosey over to news.admin.net-absue.email and Google for terms like "how to read email headers" you will find out how easy it is to verify that these are fake.

You can use the same techniques to find out who owns a webpage (up to a point, the criminals work through fronts but legit companies do not.)

Of course it is usually pretty easy to identify the fakes just from the text. They always ask for information a legitimate company will not, like your PIN or password, Social Security Account Number and so on.

Reply to
fredfighter
Loading thread data ...

Josie...

firstjois wrote:

You may have missed the point. :-)

This is a _big_ industry with lots of money at stake. It is worth their=20 time -- just like good planning and execution pays off in any industry.=20 They are not mean -- they are greedy and well financed.

Big money as in _billions of dollars_ are on the table if they can scam=20 enough people.

Best wishes -- keep your credit cards in your wallet. LOL

And -- as I said before ... For your entertainment - see the "Busted up Cowgirl" Link on the=20 following page or go to the email security...

formatting link
R. Jewel Boxes and Wood Art
formatting link
power of accurate observation is commonly called cynicism by those=20 who have not got it.=94 George Bernard Shaw

Reply to
WillR

'Nother type of pfishing is the ones where you recieve an e mail message saying "Your order #xxxxx is ready", just hoping you get nosy and send them an irate e mail. NOW they have your address, at least.

Reply to
Norman D. Crow

No legitimate company will EVER send you an email of this type. Not PayPal, not your bank, not your credit card company. NONE of them. They quite simply DO NOT SEND NOTICES BY EMAIL.

EVERY message like this is an attempt to defraud you.

Every single one.

Reply to
Dave Balderstone

I turned the same email into Pay Pal a couple days ago.

-- Log

Reply to
Log

As a friend explained it to me, one trick is to the same address as the legitimate one except for using a foreign letter character that looks like an English character. I'm sure there are a myriad of other sneaky techniques.

Glen

Reply to
Glen

Which they didn't use to contact me in the first place?

Or do you mean that they have confirmed someone at the address?

Sorry, I guess I'm just doing a Cawthorne, I really do understand what you mean. I just don't understand why they wouldn't continue to send to empty addresses, it being easier than weeding out, since their cutout mailing programs don't kick back undeliverables.

Reply to
George

[snip]

[snip]

You're right! I have trouble thinking of this kind of thing as a business.

Josie

Reply to
firstjois

Crimony!

Uh, respectfully, people who have been using the internet for a long time usually know better than to email *all of their budies* about scams they get in email.

BTW, Craig Shergold got better.

Reply to
fredfighter

left of the "*" is ignored.

Reply to
Bruce Barnett

Ha. Ha! Hey, I resemble that, but at least spell my last name correctly, Geroge.

Reply to
George E. Cawthon

Yes, they've confirmed a live address. I seldom see more than one of these from any sender, as Vircom usually catches the next one.(Vircom is firewall, spam & virus blocker used by my ISP)

Reply to
Norman D. Crow

One new-ish exploit substitutes characters from other languages that _look_ like English characters into the URL. So, it looks like paypal.com but it's really {p}aypal.com - where the "p" is the (Russian?) font character that looks like, but isn't, a "p".

If you get something "from" your bank, paypal, eBay, or anyone else claiming you need to do something to your account there, go to your browser, and type in the name of ebay, paypal, or your bank's site. Don't trust any clickable link for anything as important as your finances. Sounds paranoid, but they're getting pretty clever.

Another recent worm that I've heard about but not seen, is that your system gets infected by a virus, which modifies your local hosts file, so your system _thinks_ it's getting to paypal.com, but it's going to the scammer's site instead. Solution there is (1) don't run Windows, or (2) keep up to date (daily) with antivirus and spyware scans.

Reply to
Dave Hinz

Microsoft was supposed to have fixed that problem 1.5 years ago. This may only work with very unpatched systems.

Reply to
Dave Hinz

Sounds cool. How do I get a gig like that? Would you benefit from copies of the current phishing attempts I get?

Dave Hinz

Reply to
Dave Hinz

Well - "R" if you must know, but unless you have one of the 4 Cyrillic fonts activated, and don't notice the difference in the letter, probably will come as its equivalent in the Latin character set.

"If you had, three years ago, learned only one new English word every day, you would today know one thousand more English words."

Not that I replied, having no desire to learn English. Now American....

Reply to
George

That sounds like the one. Thanks for the cpapification.

Reply to
Dave Hinz

Quick google search shows that Dr. Hallam-Baker is Principal Scientist at VeriSign.

I suspect he isn't fighting at the front-line, but rather trying to determine methods that would prevent such attempts from either being made or being successful.

scott

Reply to
Scott Lurndal

Ah. Glad they're doing that, I didn't know they did more than site certs and security stuff. Good to have a company with all those resources actively pursuing the bad guys.

Yes, it's a challenge to find something (a) easy for the users to use, (b) unspoofable for the bad guys, and (c) likely to be _used_ to check validity of where the site pretends to be.

Reply to
Dave Hinz

Their portfolio is pretty broad now, they started with certs, but now do everything from downloadable ring-tones through cell call billing, on-line credit card processing and smart-tokens for multi-factor authentication. And don't forget running .com and .net root DNS servers.

And non-proprietary.

scott

Reply to
Scott Lurndal

HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.