PayPal - spoof email - Mischel Internet Security Forum

Jobs | About | Blog | Contact

Download TrojanHunter Now
Free 30-day trial!

Latest TrojanHunter Version:
TrojanHunter 5.0

Order Now
License file delivered within minutes.

Welcome, Guest. Please Login or Register.

Nov 20^th, 2008, 7:47am

   Mischel Internet Security Forum
   Internet Security
   General (Moderators: Helena, Gavin_Coe, Magnus)
   PayPal - spoof email

« Previous topic | Next topic »

Pages: 1

Notify of replies

Send Topic

Author

Topic: PayPal - spoof email (Read 603 times)

Ian
Stole All the Forum Stars

Good things come to those who wait ...

Posts: 2913

PayPal - spoof email
« on: Jul 17^th, 2003, 11:00pm »

Quote

Modify

Watch out - the PayPal spoof email is doing the rounds!

This one is a resurrection job - similar to one reported a while back in the press.

Basically, the emai looks official, but asks for your PayPal ID, credit card number and PIN. According ot one server admin (in the south of England), they see the traffic for this at about 500 replies per day, since the 'harvesters' route through their server. Another fake reply address claimed to be a company in Vegas (that obviously did not exist when checked).

The general pattern is that the return addresses are set up and used within a very short interval (it takes less than a working day to detect and shut down), but even when discovered, replies are still being sent.

According to one press report, no-one has yet suffered fraud from this (which begs the question 'Why are the doing it?). Still, give them a few months.

IP Logged

... but crap arrives pretty much straight away.

maxqnz
Newbie

Walekam salaam, noho ora mai!

Posts: 26

Re: PayPal - spoof email
« Reply #1 on: Jul 17^th, 2003, 11:17pm »

Quote

Modify

on Jul 17^th, 2003, 11:00pm, Ian wrote:

Is this one still using the address that starts http, instead of the real Paypal address which starts https?

IP Logged

ओ पालनहारे, तुमरे बिन हमरा कौनों नहीं
What's a pieriansipist?

Ian
Stole All the Forum Stars

Good things come to those who wait ...

Posts: 2913

Re: PayPal - spoof email
« Reply #2 on: Jul 17^th, 2003, 11:24pm »

Quote

Modify

Yup. The return addresses change with each spamming batch, and the http version doesn't show up in logfiles as easily - apparently!

Thing that surprised me was the amount of replies. One sysadmin reported that replies were coming so fast at one time that he recieved a dozen or so during the time it took to disable the spoofer's fake addy.

Maybe I'm just paranoid, but does everyone just go around giving up access to their money at the drop of a hat these days?! Grin

IP Logged

... but crap arrives pretty much straight away.

Jamming
Stole All the Forum Stars

Remember when a Trojan was just for protection.

Gender: male

Posts: 2039

Re: PayPal - spoof email
« Reply #3 on: Jul 18^th, 2003, 4:52am »

Quote

Modify

Well if one out of ten thousand does then, sending it to a million people will result in 100 accounts on average. If you encounter one of these forward and submit them to:

accessviolation@paypal.com

You will get an automated response.

IP Logged

Team Z Member

Servare cives, major est virtus patriae patri.
- Lucius Annaeus Seneca
I was born an American; I live an American; I shall die an American!
- Daniel Webster

Ian
Stole All the Forum Stars

Good things come to those who wait ...

Posts: 2913

Re: PayPal - spoof email
« Reply #4 on: Jul 20^th, 2003, 6:16pm »

Quote

Modify

Someone speculated that this might just be trophy-hunting; sort of "I've got 10,000 Visa card details - that's more than <whoever>!". Still, it's a bit specific and can't be viewed as the same sort of minor inconvenience as the web-site deface-athons. You can't just restore the security of your details like you can with a set of files on a server... I know this kind of brag-fest goes on in some of the black-hat channels, usually talking about collections of slave-bots on compromised systems, but even then, closing the (back)door is far easier than resecuring a credit card.

Education is the key - too many clueless clickers on the web!

IP Logged

... but crap arrives pretty much straight away.

Jamming
Stole All the Forum Stars

Remember when a Trojan was just for protection.

Gender: male

Posts: 2039

Re: PayPal - spoof email
« Reply #5 on: Jul 20^th, 2003, 6:35pm »

Quote

Modify

This would be more of a scam to make purchases and pay for access, for hackers. Once these accounts get out of the major economies, they could even be used for Airline Tickets and many other things. I think this is more on the line of General Criminal activity, rather than straight hacker bragging.

IP Logged

Team Z Member

Servare cives, major est virtus patriae patri.
- Lucius Annaeus Seneca
I was born an American; I live an American; I shall die an American!
- Daniel Webster

Ian
Stole All the Forum Stars

Good things come to those who wait ...

Posts: 2913

Re: PayPal - spoof email
« Reply #6 on: Jul 20^th, 2003, 7:06pm »

Quote

Modify

I guess they'd leave things to go quiet for a while before using a number (almost the exact opposite of a physical card theft).

Then there's the problem people would face not knowing if their card issuer would hold them liable for dishing out this information in the first place. Most issuers don't, of course, and would cover it like any other web fraud, but there may be this uncertainty that keeps people from shouting about it too much.

IP Logged

... but crap arrives pretty much straight away.

Pages: 1

Notify of replies

Send Topic


« Previous topic \| Next topic »

Search

Members

Login

Register