Paypal and Ebay Phishing Scams
I keep getting warnings and alerts from Paypal, eBay, my bank, and various other banks and financial institutions that I don't even have accounts with, all telling me to log in and verify my account information. I've read about something called phishing and am wondering if that's what these messages actually are?
You're right to be suspicious! These are indeed what us industry folk call phishing (pronounced like fishing). They are email messages sent by online criminals, purporting to be from legitimate sites, but they're trying to trick you into clicking into clones of the real site. Their purpose is to get you to visit the rogue site, then get you to enter your login and personal data, so they can commit fraud and identity theft.
My very smart cyberfriend Dave Taylor has some tips on how to identify phishing scams and protect yourself from identify theft:
Or does it link there? HTML messages can easily point to one site while appearing to point to another. So I cracked open the message and read through the source, to find my suspicions confirmed. Rather than actually link to the Paypal site, this message points to the Web address http://188.8.131.52/verify/index.htm.
Then, from the Mac OS X command line, I tried to telnet to that host, to see what would happen and here's what I got:$ telnet 184.108.40.206 Trying 220.127.116.11... Connected to insdel.snu.ac.kr. Escape character is '^]'. Connection closed by foreign host.
As you can see, rather than being the secure Paypal server in California, it's actually a site in Korea! Further investigation reveals that it's actually the Interdisciplinary Structural Design Laboratory at Seoul National University, news that I'm sure would be quite a surprise to the system administrators there!
Almost all of these phishing sites work the same way, taking you to Web sites referenced by number, with no domain name mentioned at all.
Since these criminals are "fishing" for account information (imagine the consequences of blindly entering your actual account and password information to their system!) these sort of scams that masquerade as real email from legitimate companies is now known as "phishing".
Some of these phishing messages are quite ingenious: I've received a wave of messages that appear to be a communication from a buyer on eBay who is just notifying me that they've paid me for an item they won on auction. The purpose of the message is for me to click the "reply" button, log in to "ebay" (it's not eBay, of course, it's the scam Web site collecting account information) and then doubtless get an error message to keep me from being too suspicious.
Here's how you can avoid being caught by these phishing messages: never click on a link in an email message. If you were to get a legit message from Paypal, eBay, Wells Fargo, Citibank, TCF, whomever, simply go to your Web browser and type in the address of the company Web site. Then log in as normal and check to see if there are any messages or other indications that there really is a problem. I'll bet that there isn't anything wrong at all.
After all, given how many of these annoying phishing messages are sent now, do you really think that these companies are going to send real messages and confuse their customers?
This article was posted by Bob Rankin on 14 Sep 2005
|For Fun: Buy Bob a Snickers.|
Reformatting Hard Drive
The Top Twenty
Windows Update Problem
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005
- Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Paypal and Ebay Phishing Scams (Posted: 14 Sep 2005)
Copyright © 2005 - Bob Rankin - All Rights Reserved