Paypal and Ebay Phishing Scams
I keep getting warnings and alerts from Paypal, eBay, my bank, and various other banks and financial institutions that I don't even have accounts with, all telling me to log in and verify my account information. I've read about something called phishing and am wondering if that's what these messages actually are?
You're right to be suspicious! These are indeed what us industry folk call phishing (pronounced like fishing). They are email messages sent by online criminals, purporting to be from legitimate sites, but they're trying to trick you into clicking into clones of the real site. Their purpose is to get you to visit the rogue site, then get you to enter your login and personal data, so they can commit fraud and identity theft.
My very smart cyberfriend Dave Taylor has some tips on how to identify phishing scams and protect yourself from identify theft:
Or does it link there? HTML messages can easily point to one site while appearing to point to another. So I cracked open the message and read through the source, to find my suspicions confirmed. Rather than actually link to the Paypal site, this message points to the Web address http://188.8.131.52/verify/index.htm.
Then, from the Mac OS X command line, I tried to telnet to that host, to see what would happen and here's what I got:$ telnet 184.108.40.206 Trying 220.127.116.11... Connected to insdel.snu.ac.kr. Escape character is '^]'. Connection closed by foreign host.
As you can see, rather than being the secure Paypal server in California, it's actually a site in Korea! Further investigation reveals that it's actually the Interdisciplinary Structural Design Laboratory at Seoul National University, news that I'm sure would be quite a surprise to the system administrators there!
Almost all of these phishing sites work the same way, taking you to Web sites referenced by number, with no domain name mentioned at all.
Since these criminals are "fishing" for account information (imagine the consequences of blindly entering your actual account and password information to their system!) these sort of scams that masquerade as real email from legitimate companies is now known as "phishing".
Some of these phishing messages are quite ingenious: I've received a wave of messages that appear to be a communication from a buyer on eBay who is just notifying me that they've paid me for an item they won on auction. The purpose of the message is for me to click the "reply" button, log in to "ebay" (it's not eBay, of course, it's the scam Web site collecting account information) and then doubtless get an error message to keep me from being too suspicious.
Here's how you can avoid being caught by these phishing messages: never click on a link in an email message. If you were to get a legit message from Paypal, eBay, Wells Fargo, Citibank, TCF, whomever, simply go to your Web browser and type in the address of the company Web site. Then log in as normal and check to see if there are any messages or other indications that there really is a problem. I'll bet that there isn't anything wrong at all.
After all, given how many of these annoying phishing messages are sent now, do you really think that these companies are going to send real messages and confuse their customers?
This article was posted by Bob Rankin on 14 Sep 2005
|For Fun: Buy Bob a Snickers.|
Reformatting Hard Drive
The Top Twenty
Windows Update Problem
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Paypal and Ebay Phishing Scams (Posted: 14 Sep 2005)
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Paypal and Ebay Phishing Scams"
27 Sep 2005
For more on this see my web site
and look at the Bad Emails page and the Links That Lie page.
This article discussed one type of URL trick to deceive people about the destination of a link. My Links That Lie page covers 10 other tricks as well as domain name tricks.
27 Sep 2005
On three occasions now, I've tried contacting (UK) banks, including my own, via their webpages to inform them that I've received convincing emails that are actually phishing expeditions, and to warn them that they should keep their online customers alert to the dangers of these scammers.
Twice I've been defeated by the lengthy and complex process involved in getting an email address for the relevant person to contact in the organization. The third time was lucky - I managed to find who to write to and did so - only to be completely ignored. Do banks actually care about phishing?
10 Aug 2007
I'd like to add that when I get a legit Paypal message, they always address me by my full name. The fakes usually start out with "Dear valued Paypal Customer" or something to that effect. This is because it's impractical to personalize every phishing email when the object is to blast their scams out as far and wide as possible. If your Paypal message has your full name in it, it still might be a fake. But if your name is nowhere in the email, you know for certain that it is a scam.
EDITOR'S NOTE: Right, and to be safe EVERY time, type in the web address manually, instead of clicking links in email.
11 Aug 2007
I receive phishing attacks all the time. Here's what I do:
1. If I am sure the email is false (I've gotten some from places I don't have an account with) report it to the company by putting firstname.lastname@example.org. Other sites, like banks use abuse@bankname.
2. If I'm not sure, I open another browser, or a second version of my browser. I use Firefox, so I would open another instance of Firefox and message them with the information. Other times I have opened the email with Internet Explorer. Be sure to include all the information included in the email especially the return address.
3. If you follow my directions I may reward you with one of the $1,000,000 bills in US currency that I receive periodically. I am really quite wealthy in funny money!
04 Jul 2011
I have received so PayPal phishing messages for so long that I have just given up on using PayPal entirely. I reported these for a while, and asked for help with them, and never got any response. It's simply not worth it to me to sort through a long list of PayPal messages, trying to determine which are legitimate and need my attention--so I deleted and/or "spammed" them all.