Subject | Beware of pseudo-paypal scam |
---|---|
Author | Claudio Valderrama C. |
Post date | 2004-05-22T09:03:44Z |
People, beware of an email it's circulating, supposedly sent by PayPal.
MailWasher has a way to show HTML without retrieving images, etc. It showed:
To update your PayPal® records click on the following link:
http://www.paypal.com/cgi-bin/webscr?cmd=_login-run [links to
210.120.9.236/paypal/login.htm]
Then I did
G:\WINNT\Profiles\Administrator>ping -a 210.120.9.236
Pinging primary.dacom.co.kr [210.120.9.236] with 32 bytes of data:
[etc]
Korea? Obviously something doesn't make sense here. The rest of the links in
the email are valid and point directly to the real Paypal.
Today, PayPal has confirmed to me that two different emails, one saying
"Today we had some trouble with one of our computer systems." (linking to
paypalv.com and including the so-called web-bugs) and another "we need to
update your information" (containing the Korean domain shown above) are
fake.
If you receive an email from paypal, don't click on links. Close your
browser completely, open it again and type directly in the address bar
https://www.paypal.com
Follow the same practice to log on other sensitive sites like your bank,
please!
C.
--
Claudio Valderrama C.
Consultant, SW developer.
www.cvalde.net - www.firebirdSql.org
MailWasher has a way to show HTML without retrieving images, etc. It showed:
To update your PayPal® records click on the following link:
http://www.paypal.com/cgi-bin/webscr?cmd=_login-run [links to
210.120.9.236/paypal/login.htm]
Then I did
G:\WINNT\Profiles\Administrator>ping -a 210.120.9.236
Pinging primary.dacom.co.kr [210.120.9.236] with 32 bytes of data:
[etc]
Korea? Obviously something doesn't make sense here. The rest of the links in
the email are valid and point directly to the real Paypal.
Today, PayPal has confirmed to me that two different emails, one saying
"Today we had some trouble with one of our computer systems." (linking to
paypalv.com and including the so-called web-bugs) and another "we need to
update your information" (containing the Korean domain shown above) are
fake.
If you receive an email from paypal, don't click on links. Close your
browser completely, open it again and type directly in the address bar
https://www.paypal.com
Follow the same practice to log on other sensitive sites like your bank,
please!
C.
--
Claudio Valderrama C.
Consultant, SW developer.
www.cvalde.net - www.firebirdSql.org