[TriLUG] OT: phishing on PayPal
David A. Cafaro
dac at trilug.org
Mon Jan 10 15:19:06 EST 2005
There is a simple explanation of how the phishers figured you were
traveling. Pure dumb luck.
I've received the exact same type of Paypal notice about seeing my
account being accessed from multiple IP's and such. There are just
hoping that people equate that with using their paypal account from home
and from work (and maybe from school as well). It just happens to fit
your usage profile even better than their generic target. They also
don't know for sure you have a paypal account (the one they referred to
in mine was closed several months before by myself), just counting on
the large percentage of email accounts that are associated with paypal
accounts.
-David
On Mon, 2005-01-10 at 15:07, Joseph Mack wrote:
> I don't know whether phishing is news to people on this group, but this
> is the first time it's happened to me.
>
> I've been doing some travelling and accessing paypal from various different
> IPs and wasn't terribly surprised to get e-mail from PayPal telling me that
> they had noticed my change in behaviour and quoting the domains I was coming
> from (which I didn't recognise) and wanted me to go to their site
> and reconfirm my identity. I expected to need an exchange of e-mails to
> my registered e-mail account. Instead when I clicked on the link labelled
> www.paypal.com (or whatever) I got a webpage with an IP in the URL and
> asking me to fill in my credit card details. Looking at the e-mail I see
> the link displays the string for paypal, but the embedded link is to an IP.
>
> I've e-mailed PayPal cc:'ing the mail, and asking how someone else might
> know I've been travelling (they may not, and are just sending the same
> e-mail to everyone), but have not heard back from them. I'm also wondering
> how anyone knows I have a paypal account.
>
> Joe
> --
> Joseph Mack PhD, High Performance Computing & Scientific Visualization
> LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007
> Federal Contact - John B. Smith 919-541-1087 - smith.johnb at epa.gov
--
David A. Cafaro
dac(at)cafaro.net
Admin to User: "You did what!?!?!"
More information about the TriLUG
mailing list