Post by thread:Re1: [OT] is this a fake paypal? what the site can

It happened to me once: I saw a email from paypal stating my account will be suspended if do nothing within 24 hrs. I followed the link, gave password and correct address, finally returned a site that is not paypal. Then I talked to paypal, they told me I need change password immediately. Also I learned, look at the link: if it is not start with "http://www." then it is a fake. I don't know why? but in this case it is not. ----- Original Message ----- From: "James Newtons Massmind" <spam_OUTjamesnewtonTakeThisOuTmassmind.org> To: "'Microcontroller discussion list - Public.'" <.....piclistKILLspam@spam@mit.edu> Sent: Friday, November 04, 2005 12:38 PM Subject: RE: [OT] is this a fake paypal? what the site can do to you? > I don't mean to be... Mean. Or to question your intelligence... I'm sure > there must be a reason for this, and I genuinely want to know how anyone > could think that was a link to PayPal. > > I honestly want to know. I'm trying to understand how people get sucked into > these things, so I can try to help. > > What in that link makes you wonder if it could be real? > > Is it the redirect.to.paypal.com part? > > Is it not understanding that domains start from the left just after the > ? > > Is it having seen other links for advertisements where there is a redirector {Quote hidden}> to count the number of clicks? > > What part of the information that everyone gets from PayPal ("always start > with https://www.paypal.com ") is not being understood? > > Again, I'm not trying to be a jerk, I just can't think of a better way to > ask these questions. > > --- > James. > > > > > {Original Message removed}

microsoftwarecontrol wrote: > Also I learned, look at the link: > if it is not start with "http://www." > then it is a fake. I don't know why? This is not good enough as a rule! Unless you are quite familiar with the many ways URLs can be created and obfuscated, and with how your email program can be tricked in displaying links that do something different from what you would expect (using JavaScript etc.), the only safe way is to /never/, /ever/ enter confidential information into a site for which you didn't type the URL yourself into the browser. Note that not even your favorites are completely secure -- they can be injected. I don't know whether favorites can be removed or altered, but they can be added. At least a few years ago that was possible. And if you should receive a legitimate email from an institution you do business with that contains a link and asks you to follow that link and log in, you could send them a note asking them to remove that link from the email and instead read up on phishing, and instead of the link add some phishing education to their email... Gerhard

> And if you should receive a legitimate email from an institution you > do > business with that contains a link and asks you to follow that link > and log > in, you could send them a note asking them to remove that link from > the > email and instead read up on phishing, and instead of the link add > some > phishing education to their email... I recently received a higher than average quality phishing email. It's common to receive emails offering "part time work" where you are to be the agent for a company who wish you to receive payments on their behalf and forward them to them. For this you get say 5% of the payment. You are in effect laundering stolen funds - they steal funds from eg US accounts but are unable to remit these internationally due to certain safeguards - they need a real person in the loop. They want you to be the sucker. This email was one of those BUT, unlike most, the email address went to where it appeared to - which is unusual. Further - the website with the same name seemed to be that of a real company with many linked live pages, real merchandise, special offers, information pages, contact us pages etc. All seemed VERY real. I was certain it wasn't so kept looking for a giveaway. Aha! - they claimed to be in California but store hours were quoted in EST (Eastern Standard Time). I found a line from a page which seemed likely to be fairly unique, and asked Google. Bingo! - an electronic retailer in Florida had a near identical website. They also included a page on internet fraud which was strangely missing on the scam site. So I emailed the Florida firm and also filed an FBI complaint. Scam site is still there a day later, so nobody seems too fussed about it. http://www.digitalsplanet.com They get value two ways. email respondees provide money laundering. And anyone 'buying' from the site gets their credit card details stolen. Here's their 'contact us" page with EST store hours for a California store http://www.digitalsplanet.com/contact_us/contact_us.htm Here's the "real" site. Less broken - but still some bad pages. Flying bee-men missing from copy site :-) http://www.plasmacity.com/ http://www.plasmacity.com/CONTACT_US/CONTACT_US.htm RM