1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Beware - New PayPal Phishing Email

Discussion in 'Computer Security' started by techguy, Nov 19, 2005.

  1. techguy

    techguy Bit Poster

    Hello guys,
    Yesterday I received a fake paypal email from an anonymous crook, with the following content. This message is to alert you all. It took me about an hour to investigate and prepare these screen interfaces.

    Phishing Email

    Fake Paypal Login Page

    I decided to investigate this email further, and took the following steps to find the origin of the fake email.

    Original Paypal Login Page

    Fake Paypal Eamil Header

    Original Paypal Email Header

    IP Address verification - Original Paypal IP Address

    IP Address verification - Fake Paypal IP Address

    Hope this would help. If you have already received such type of emails in your mail box, then please forward it to spoof@paypal.com. For more information, please visit https://www.paypal.com/cgi-bin/webscr?cmd=xpt/general/TopQuestion4-outside

    Good luck to all.
  2. moominboy

    moominboy Gigabyte Poster

    thanks for that techguy!

    it's kinda scary how genuine they look though, i might've noticed the padlock was missing and the address was wrong but my wife....? :tongue

    i'll show her pronto! thanks again mate.
    Certifications: ECDL
    WIP: A+
  3. JonnyMX

    JonnyMX Petabyte Poster

    I got hit by one of these (similar) a month or two ago.
    I had an email from 'paypal' confirming payment to someone for a Ebay purchase. We didn't recognise it, and it was rather a lot of money.
    There was a link on the email 'click here to dispute payment' which with hindsight is uncharateristically helpful for paypal.
    I clicked it and was taken to what looked exactly like the paypal login page. I logged in but was then taken to a page asking me to confirm all my personal details like name, address and bank account.
    It was only then that I thought 'hang on...' and looked a bit closer.
    I was masterfully done, everything looked completely genuine.
    Anyone could have been caught out by it.
    I changed my paypal password and seem to have got away with it...
    Certifications: MCT, MCTS, i-Net+, CIW CI, Prince2, MSP, MCSD

Share This Page