Watch Out If You Use Paypal!!!!!!

[frank m]

Watch out guys and gals!!!!! I just received an email purportedly from Paypal stating I had to update my account or they would cancel my account by the end of the month. It looked legit, used the PayPal logo and all, but I became suspicious when then asked for Password and credit card information. I called PayPal just to check and they said it wasn't from them. If you've ever used PayPal for ebay or to buy something, you know the real paypal has your bank information as well as credit card info. So don't fall for this scam. It can be dangerous on the internet.

[walto]

Thanks for the tip, Frank.

[Phil_Meloy]

There's loads of that kinda stuff going round. I regularly get emails from what appear to be bona fide British high street banks asking me to confirm my account details for security purposes. Only problem is that I've never had an account with them.

[Pete C]

You can tell it's a phony when the return address on the email asking you to update your Chase banking info is chase@yahoo.com!

[RainyDay]

Jeez, I bet I could sell all of you guys oceanfront property in Nevada.

Yeah, old news.

I use Pay Pal and recently received that same e-mail.

Two clicks later it was in the garbage.

This kind of scam has been used far and wide for quite some time.

[GoodSpeak]

OK.

Is PayPal a problem on e-bay?

Quote:

Originally Posted by GoodSpeak

OK.

Is PayPal a problem on e-bay?

Pay attention, Goodz. The problem isn't Pay Pal. the problem is scam artists. The e-mail that Frank is talking about didn't come from Pay Pal. It came from some dirty motherfuckers trying to trick you.

Kapeesh?

[Ron Thorne]

IMPORTANT-

When you receive a suspicious e-mail such as this, simply Forward it to spoof@paypal.com or spoof@ebay.com with no other entries. You'll receive a thank you and further information from them via e-mail very soon.

Whatever you do, don't respond to any such e-mail. And, unless you want to get wiped out, financially, don't give them any requested information.

This is old news, frankly.

Excellent post, Father Thorne!

[Jimmy Cantiello]

Quote:

Originally Posted by RainyDay

Jeez, I bet I could sell all of you guys oceanfront property in Nevada.

Let me know when California falls into the Pacific. I may be interested then..............

[Gary Sisco]

Paypal actually did post a warning a while back about this scam, and in it, they said that Paypal will never send out emails asking for updated info of any kind. If required, it would be something that happened on their website and not via your email. (As happened with me once, when their site notified me that I was about to use up my allotment of "unverified" funds for paying, and I had to give them a bank account to verify my status with them. I still use the credit card, anyway.) I'd not respond to any email, from anywhere, asking me to give up any info like that. You'd have to be crazed.

Amazing number of Americans fall for the dumbest possible scams, though. A trusting bunch or a fucking stupid bunch? You decide. Either way, billions are made every year ripping them off in amazingly transparent ways.

[jesus marion joseph]

I have US $10 million waiting for me in a trust account in Nigeria.......

[Jimmy Cantiello]

Gary, although I agree with you about people being stupid, I don't think Americans have the market cornered on that. There are an awful lot of dumb people in other countries as well............

[Gary Delligatti]

I use Paypal all the time. You got to understand that they will never ask you to update your account or ask for any personal information after you are set up. They also will always address you by your name, never generically. I always forward these E-Mails to their security department.

[Gary Sisco]

True, but do they send thousands of dollars as an "investment" when an absolute stranger calls them on the telephone? Ever wonder how many people actually did send all of their info to the "paypal" scammer above? Plenty, I'd bet.

There are certain national (and regional) forms of dumbness, in my experience. In Vermont, for example, almost no one expects to be ripped off, even though burglary is the most common serious crime here. Go figure. I call it Vermont dumb. There are other regional forms as well.

[clinthopson]

I used paypal three times, the last two times they didn't do anything about some problems.

Fuck 'em.

[Deke]

I read about a 'Scam baiter' who actually conned the conman into sending him twenty quid to a PO Box No. to open an account this end. Yes, there are a lot of gullible people around.

Ebay will no longer send you information concerning your account to your regular mailbox. If you log on to 'My ebay' you'll find that you now have a 'messages' heading. From now on that's where all that stuff will be conducted. I'm guessing that Paypal may soon do the same, being the same company and everything...

[Gary Delligatti]

Quote:

Originally Posted by Gary Sisco

Ever wonder how many people actually did send all of their info to the "paypal" scammer above? Plenty, I'd bet.

I am afraid you are correct--sadly, some people are really vulnerable and gullible

[Gentle Giant]

It's called Phishing, and PayPal and eBay are popular targets, as are banks and credit cards. Suffice to say, don't give any confidential information to anyone who asks for it via email.

[GoodSpeak]

Quote:

Originally Posted by Scott Dolan

Pay attention, Goodz. The problem isn't Pay Pal. the problem is scam artists. The e-mail that Frank is talking about didn't come from Pay Pal. It came from some dirty motherfuckers trying to trick you.

Kapeesh?

Um.


I knew that.

[Ron Thorne]

Quote:

Originally Posted by GoodSpeak

OK.

Is PayPal a problem on e-bay?

Ummm ... Goody, you did ask the above question in post #7, thus Scott's response.

The answer is no. Further, PayPal was purchased by eBay some time ago, so they're part of the same corporation. It wouldn't be prudent for PayPal to be a problem anywhere, especially on eBay.

If you receive what you feel is a suspicious phishing e-mail, send a copy to the Federal Trade Commission. Here's the special report on phishing from the FTC.

Here's a link to a volunteer anti-phishing site which has some very useful information.

[GoodSpeak]

I got it, Ron.


Thanks.

[Ron Thorne]

You're welcome, Tim.

Not surprisingly, exactly four minutes after my last post I received a phishing e-mail purportedly sent by eBay, including the logo seen below.

The subject of the e-mail:Your Final Warning From eBay

Update Your Account Information Within 24 Hours

I dutifully forwarded it to spoof@ebay.com and they sent me a thank you note with the usual followup language -

Hello,

Thank you for writing to eBay regarding the email you received.

Emails such as this, commonly referred to as "spoof" or "phished"
messages, are sent in an attempt to collect sensitive personal or
financial information from the recipients.

The email you reported was not sent by eBay. We have reported this email
to the appropriate authorities.

Quote:

Originally Posted by Father Thorne

Ummm ... Goody, you did ask the above question in post #7, thus Scott's response.

Thank you, Father Thorne.

Thought I might have been losing it for a moment there.

[Gary Sisco]

Speaking of Paypal, anyone know what's up with it? I've been trying to send a cat some money for some records for a couple of days and the site's been down. That must be wreaking some havoc with online sales.

I've been using Paypal for as long as I've been an Erstwhile minion, without any problems at all.

[Deke]

Quote:

Originally Posted by Gary Sisco

Speaking of Paypal, anyone know what's up with it? I've been trying to send a cat some money for some records for a couple of days and the site's been down.

I've had a couple of days when sending money made me feel a little like Sisyphus, but PaypalUK is back in action now.

[Gary Delligatti]

Grabbed this from WP News:
Beware: Phishers are Getting Smarter (and More Dangerous)

Popular "phishing" scams - e-mail messages purporting to be from your bank, credit card company, or another company with which you do business but actually sent by fraudsters hoping to divest you of money or valuable information - have already netted thousands of victims. But the public is slowly becoming aware of the danger, and many have stopped clicking on links embedded in such messages. In fact, security experts commonly warn that if you want to visit a site to do financial business, you should always type in the URL yourself rather than clicking a link.

Well, the phishers are getting around that in some cases, by sending or downloading scripts to your computer that alter your HOSTS file. This is a text file with no extension that lives in your WINDOWS\system32\drivers\etc folder and contains mappings of IP addresses to host names (also called DNS names, such as www.companyname.com). If your operating system is set so that the HOSTS file mappings are checked first, before querying a DNS server, this can cause your browser to be redirected to the wrong IP address - that of the scammer's site - even though you type in the correct URL.

To check what's in your HOSTS file, navigate to it in the folder path given above and double click it. When Windows asks what program you want to use to open it, select Notepad. By default, it will contain one entry: 127.0.0.1 localhost. All lines that have a # in front of them are commentary only. Ensure that there aren't any suspicious entries, such as an IP address followed by a bank's URL. The easiest way to disable use of the HOSTS file is to rename it, but scammers' scripts might recreate it. You can change the order in which Windows uses name resolution methods so that DNS servers are given first priority. This requires editing the Registry. Step by step instructions are here:
http://www.winxpnews.com/rd/rd.cfm?i...ame_Resolution


Firefox Vulnerability Could Be Exploited by Phishers

Speaking of phishing, Firefox users should be aware of a software flaw in Firefox 1.0 that allows hackers to spoof the URL in the download dialog box. This could be used to conceal the real source of files being downloaded to your computer. More and more people have been either switching to Firefox completely or using it in addition to Internet Explorer. While IE still holds a strong hold on the market (from 89 to 92 percent, according to recent statistics quoted on ZDNet), Firefox is gaining all the time. Many of its users fear that its increasingly popularity will also cause hackers - who focus mostly on creating attacks that target IE - to turn their attention to writing exploits for it. Read more about the vulnerability here:
http://www.winxpnews.com/rd/rd.cfm?id=050125SE-Phishers

[Deke]

Quote:

Originally Posted by Britain's 'Computer Buyer' magazine

Wednesday 23rd June 2004

MasterCard to take action over phishing attacks

10:20AM Credit card giant MasterCard International is to go on the offensive to halt the spread of 'phishing' attacks on the Internet. The company is now going to actively search out phishers on the Internet whose attacks rose a whopping 684 per cent from January to May this year. 'Phishing' is the process whereby a person is persuaded by the use of fraudulent emails or other means to reveal personal details such as passwords, PIN numbers or credit card details to criminals. Over the past few months, a number of British financial institutions, including Lloyds, Barclays, NatWest, Halifax and Nationwide have had their logos and web sites forged in order to convince customers that the contacts were genuine.

MasterCard will be using the services and tools of digital fraud detection company NameProtect to track down the perpetrators of the frauds which are becoming endemic on the Internet. NameProtect will deploy its Internet detection technology to continuously monitor domain names, web pages, online discussions spam email, and other online formats to identify online trading rings, phishing attacks, and other forms of online fraud the moment each attack is launched online. NameProtect will then instantly report back such activity to MasterCard. MasterCard says it will turn the information over to law enforcement agencies including the United States Secret Service, the Federal Bureau of Investigation, the US Postal Service, and Interpol, for appropriate action. It will also alert its 25,000 member financial institutions, which can use it to protect themselves and their millions of cardholders.

According to the Anti-Phishing Working Group (APWG) there were 1,197 unique attacks in May with CitiBank and eBay the most frequent targets. The APWG also reports that 95 per cent of phishing attacks are via spoofed email addresses. The criminal attractions are obvious; according to the APWG, phishing attacks can gain a staggering five per cent response rate of people willing to hand over their personal details in response to an email.

The US Federal Trade Commission has reported that identity theft has been the No. 1 consumer complaint for four consecutive years. Research firm Gartner says that Fifty-seven million US adults think they have received a phishing e-mail. More than 1.4 million users have suffered from identity theft fraud, costing banks and card issuers $1.2 billion in direct losses in the past year.

Whilst banks and credit card firms will reimburse customers if they have been defrauded, the costs have to be borne by the bank and ultimately the customer in the form of higher charges and interest rates.

Steve Malone

[frankiepop]

Quote:

Originally Posted by RainyDay

Jeez, I bet I could sell all of you guys oceanfront property in Nevada.

you guys????