• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Files spread between Dropbox, Google Drive, Gmail, Slack, and more? Dokkio, a new product from the PBworks team, integrates and organizes them for you. Try it for free today.

View
 

PayPalPhishing

PayPal phishing trip

comments by ClifNotes, May 2006, permalink

 

What is a phishing email?

 

Edgar in the Philippines received a letter appearing to be from PayPal:

 

Clif, I got this today in my bulk folder. I'm sure this is spam or a hoax or what, cause there is the UNEXPECTED_DATA_AFTER_ADDRESS@.SYNTAX-ERROR after the email address; I am not a member of PayPal; and I do not know a Bill Chang.

 

What should I do with this email?

 

I took a quick look at the email and I was able to quickly confirm it is a phishing email. Edgar noticed that there was something wrong with the email address, but the true nature of the email was revealed by a link at the bottom that offers you the chance to dispute the charge. In this case, they claim Edgar purchased a cell phone for nearly 800 dollars. Gee whiz Edgar, I could have gotten you a better deal (LOL).

 

Here is the "hook" on the phishing line:

 

If you haven't authorized this charge, click the link

below to cancel the payment and get a full refund.

Dispute Transaction

 

The bold text "Dispute Transaction" in the email was a link to the phishing page where they hope people are foolish enough to login to this fake PayPal home page so that they can capture their account email addresses and passwords.

 

The website was so realistic looking that the only way to tell the difference was to look at the internet address. The fake website was apparently hosted by a travel agency's website in Taiwan at (ns1.eztravel.com.tw). Below are side by side screenshots of the fake and real PayPal home pages. I bet you can't tell me which one is real.

 

 

The one on the left is the real one. Here are links to full size images of the real and fake websites.

 

Edgar, here is the answer to your final question, "What should I do with this email?"

 

This email was in your bulk folder and you should only report email that makes it into your Inbox. In the future, you can safely assume any email that is in your Bulk folder is spam or a scam, unless you recognize the sender and you know it doesn't belong there. This is especially true of any email from PayPal, Ebay, and many banks or other online financial businesses.

 

If it is in your Inbox, then you should forward the email (including full headers) to spoof@paypal.com and also report it as spam to your email service provider.

 

Brett Christensen of HoaxSlayer tells us what to do with scam emails such as this one in his Scam FAQ page.