So i got this message...

[pjleonhardt]

I got this message today...:

Not only does the link go to http://3261504708/index.php (Some people actually try to make it look like paypal.. like http://p.aypal.com/....)

The return adress says service@wachovia.com!!!

Talk about a horrible spammer. Not that it wont get a ton of people to fall for it, though the website is down.

 

[sknydave]

I got the same email. I'm sure he's taken over thousands of accounts with this bullshit already

 

[DanNicol]

save yourself some time just post your paypal information here - J/K

 

[pjleonhardt]

i took 2 minutes of my time and found the originating email address (most likely hacked) and reported it to the service provider.

 

[Jan]

So, is there a way to easily tell the real PayPal e-mail from the frauds?? Do you just have to check out each one?

 

[L146705]

just delete it any email from paypal that asks for your account details is bound to be spam.

 

[MisterX]

So, is there a way to easily tell the real PayPal e-mail from the frauds?? Do you just have to check out each one?

My first response was "if it goes to https://<legitimate_site>.com, then it's probably real...although, now that I think about it, I think I've seen a progam that fakes the address bar..."

So I go to Google to learn about fake address bars, and now I'm actually worried:

A hijacked address bar.
Up to this point, the phishing exploit has been identical to hundreds of older scams that have plagued the Internet for months. The new wrinkle — and the most frightening aspect — is that the address bar of your browser says you're on a page of the financial institution's site. The actual Web address is invisible, because the phisher's site has run code that replaced your browser's real address bar with a fake one.

http://www.windowssecrets.com/comp/040506/
http://news.bbc.co.uk/2/hi/technology/3608943.stm
http://www.contentverification.com/graphic-attacks/demo/index.html

 

[emp]

Yep, good riddance.
Anyone asking you for your account details/PW, etc.. via email is deleted AT ONCE!

On a side note:
We thought we were being victims of "social hacking" when someone called us to talk about our experiences with the new e-banking.
Turns out the banks in Switzerland do this kind of thing. Just customer service. No wonder we freaked out.

::emp::

 

[Zygoot-]

These PayPal scams are pretty common.

Real mails from PayPal are easy to identify. AFAIK they always start with "Dear Your Name, "

The fake ones use stuff like "Dear PayPal user" or "Dear PayPal member" because they don't know your name.

 

[claudek]

I have found that Gmail labels such emails as a possible phising.
Also I use Opera and it is pretty good in letting me know of these dodgy sites.

So, is there a way to easily tell the real PayPal e-mail from the frauds?? Do you just have to check out each one?

 

[Chromate]

I've received loads of mails like this. Report them to the service provider so they can take action.

 

[Saadh]

Just curious, do the people who do the paypal and ebay stuff (Those two scams are seen the most), do they make a lot of money?

What about the endless streams of viagra emails? When I used to use ICQ, damn, all I got was stuff like viagra or work at home stuff as well. I remember reading that Jon actually was able to make one of the first ICQ bots? I think I read it here, not sure.

 

[Andrew]

You guys never heard of phishing?

 

[sknydave]

Just play it safe and never log into paypal or ebay or anything via an email

 

[Learning Geek]

I delete all emails and go straight to the site to login - safest bet. Some of them look pretty real at quick glance. The latest ones I have been getting are people telling me I stole their ebay auctions or that my order has shipped.

Delete, delete, delete.

 

[shokthx]

Never log onto any site from an unexpected email.
Someone's even doing a local credit union near me. Amazing.
I always like the emails from credit card companies I don't have cards with.

 

[pjleonhardt]

I have found that Gmail labels such emails as a possible phising.
Also I use Opera and it is pretty good in letting me know of these dodgy sites.

Gmail does not automatically label things as phising scams though. A user has to report the message to google (which I did), and then a warning will show up to all other users who receive the exact same message. So, you have to get unlucky enough to hit a user who a) can identify it as a scam, b) knows that there is the option to report it, and c) gives enough of a damn to actually report it.
I do like the feature though. I just think that they should scan the headers for obvious things like if the return address is service@wachovia.com and the originating message is from an account at bellsouth... and automatically mark it as possible phishing.