Paypal and Ebay Phishing Scams

Category: Security

I keep getting warnings and alerts from Paypal, eBay, my bank, and various other banks and financial institutions that I don't even have accounts with, all telling me to log in and verify my account information. I've read about something called phishing and am wondering if that's what these messages actually are?

You're right to be suspicious! These are indeed what us industry folk call phishing (pronounced like fishing). They are email messages sent by online criminals, purporting to be from legitimate sites, but they're trying to trick you into clicking into clones of the real site. Their purpose is to get you to visit the rogue site, then get you to enter your login and personal data, so they can commit fraud and identity theft.

My very smart cyberfriend Dave Taylor has some tips on how to identify phishing scams and protect yourself from identify theft:

This afternoon, I received a message that looks exactly like it came from Paypal. It had a Paypal return address, a legit looking case address, and even a link on the bottom to the Paypal privacy policy. In the middle was the important link, though: "To update your Paypal records, click on the following link:" followed by the link "https://www.paypal.com/cgi-bin/webscr?cmd=_login-run".

Or does it link there? HTML messages can easily point to one site while appearing to point to another. So I cracked open the message and read through the source, to find my suspicions confirmed. Rather than actually link to the Paypal site, this message points to the Web address http://147.46.36.234/verify/index.htm.

Then, from the Mac OS X command line, I tried to telnet to that host, to see what would happen and here's what I got:

$ telnet 147.46.36.234
Trying 147.46.36.234...
Connected to insdel.snu.ac.kr.
Escape character is '^]'.
Connection closed by foreign host.

As you can see, rather than being the secure Paypal server in California, it's actually a site in Korea! Further investigation reveals that it's actually the Interdisciplinary Structural Design Laboratory at Seoul National University, news that I'm sure would be quite a surprise to the system administrators there!
Almost all of these phishing sites work the same way, taking you to Web sites referenced by number, with no domain name mentioned at all.

Since these criminals are "fishing" for account information (imagine the consequences of blindly entering your actual account and password information to their system!) these sort of scams that masquerade as real email from legitimate companies is now known as "phishing".

Some of these phishing messages are quite ingenious: I've received a wave of messages that appear to be a communication from a buyer on eBay who is just notifying me that they've paid me for an item they won on auction. The purpose of the message is for me to click the "reply" button, log in to "ebay" (it's not eBay, of course, it's the scam Web site collecting account information) and then doubtless get an error message to keep me from being too suspicious.

Here's how you can avoid being caught by these phishing messages: never click on a link in an email message. If you were to get a legit message from Paypal, eBay, Wells Fargo, Citibank, TCF, whomever, simply go to your Web browser and type in the address of the company Web site. Then log in as normal and check to see if there are any messages or other indications that there really is a problem. I'll bet that there isn't anything wrong at all.

After all, given how many of these annoying phishing messages are sent now, do you really think that these companies are going to send real messages and confuse their customers?

Thanks Dave!

 
Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Email:

Check out other articles in this category:



Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 14 Sep 2005


For Fun: Buy Bob a Snickers.

Prev Article:
Reformatting Hard Drive

The Top Twenty
Next Article:
Windows Update Problem

Most recent comments on "Paypal and Ebay Phishing Scams"

Posted by:

michael horowitz
27 Sep 2005

For more on this see my web site
www.michaelhorowitz.com
and look at the Bad Emails page and the Links That Lie page.

This article discussed one type of URL trick to deceive people about the destination of a link. My Links That Lie page covers 10 other tricks as well as domain name tricks.


Posted by:

Ketlan
27 Sep 2005

On three occasions now, I've tried contacting (UK) banks, including my own, via their webpages to inform them that I've received convincing emails that are actually phishing expeditions, and to warn them that they should keep their online customers alert to the dangers of these scammers.
Twice I've been defeated by the lengthy and complex process involved in getting an email address for the relevant person to contact in the organization. The third time was lucky - I managed to find who to write to and did so - only to be completely ignored. Do banks actually care about phishing?


Posted by:

Marc
10 Aug 2007

I'd like to add that when I get a legit Paypal message, they always address me by my full name. The fakes usually start out with "Dear valued Paypal Customer" or something to that effect. This is because it's impractical to personalize every phishing email when the object is to blast their scams out as far and wide as possible. If your Paypal message has your full name in it, it still might be a fake. But if your name is nowhere in the email, you know for certain that it is a scam.

EDITOR'S NOTE: Right, and to be safe EVERY time, type in the web address manually, instead of clicking links in email.


Posted by:

Elna
11 Aug 2007

I receive phishing attacks all the time. Here's what I do:

1. If I am sure the email is false (I've gotten some from places I don't have an account with) report it to the company by putting spoof@paypal.com. Other sites, like banks use abuse@bankname.

2. If I'm not sure, I open another browser, or a second version of my browser. I use Firefox, so I would open another instance of Firefox and message them with the information. Other times I have opened the email with Internet Explorer. Be sure to include all the information included in the email especially the return address.

3. If you follow my directions I may reward you with one of the $1,000,000 bills in US currency that I receive periodically. I am really quite wealthy in funny money!


Posted by:

Ralph Milligan
04 Jul 2011

I have received so PayPal phishing messages for so long that I have just given up on using PayPal entirely. I reported these for a while, and asked for help with them, and never got any response. It's simply not worth it to me to sort through a long list of PayPal messages, trying to determine which are legitimate and need my attention--so I deleted and/or "spammed" them all.


Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! And please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are previewed, and may be edited before posting.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.


Article information: AskBobRankin -- Paypal and Ebay Phishing Scams (Posted: 14 Sep 2005)
Source: http://askbobrankin.com/paypal_and_ebay_phishing_scams.html
Copyright © 2005 - Bob Rankin - All Rights Reserved