Welcome to MSDN Blogs Sign in | Join | Help

Leading Trump - Pradeep U.N. & his Blog about Nothing.

Now Featuring: The Microsoft WorldWide Enterprise & Support Services - "Recruiting/Jobs Committee Blog" Pilot

Syndication

News

These postings are provided as is with no warranties, and confers no rights. Additionally, views expressed herein are my own and not those of my employer, Microsoft. View Pradeep U.N.'s profile on LinkedIn
Deep C Phishing: PayPal Security Notice Fraud Alert....

Just a few minutes ago - I was almost "Phished". I received an email at one of my personal email accnt with the title.

PayPal Security Notice ID #352928679 - Identity Confirmation Request from service@paypal.com

A near-perfect Phish - since I was expecting a paypal payment from a friend anyday now and knew I would get an email from this address. And the link takes you to a very pay-pal looking website too. And being a paypal user for over 4 yrs for nearly 100 transactions so far - this is quite intimidating.

A Simple google confirmed that this was indeed a Phish - see here for details

Yes - I realise I did a NEO dodging this bullet - but seriously I had some help. No not from a Morpheus guy - but just recently I had changed my Paypal login to a different accnt than the accnt I got the email in. The rest is - oh well, Elementary Dear Watson.

Published Thursday, July 14, 2005 9:22 AM by Pradeep U.N.

Filed under:

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: Deep C Phishing: PayPal Security Notice Fraud Alert.... @ Thursday, July 14, 2005 1:31 PM

I've received this email a few times. I was immediately able to find that it was 'phising' because i never have a paypal account!!! Of late, i've been receiving similar fraudulous emails from people calling themselves as 'ebay.' Even though i've an ebay account, it was easier to find out!

balajik

# re: Deep C Phishing: PayPal Security Notice Fraud Alert.... @ Thursday, July 14, 2005 1:44 PM

Yea Balaji - You should see the Phishes from Citibank. They are super-authentic.
Thankfully they expected me to login to the website and do some edits - which was wierd for a Bank Accnt.

But for Paypal - its quite normal in terms of operations - which is what could make this quite successful.

Pradeep U.N.

# re: Deep C Phishing: PayPal Security Notice Fraud Alert.... @ Thursday, July 14, 2005 2:06 PM

Yeah, i heard about the citibank one! Thankfully, i haven't gotten that one in my email! There is another going around that will ask you to login using your yahoo account and if you did, that account is well and truly gone!

Anyways, i went through your blog and read about your roller-coaster ride to join MS. It was great reading! I happened to read elsewhere that you are from Chennai!? I am also from Madras as i like to call it!

Cheers,
Balaji K.

balajik

# re: Deep C Phishing: PayPal Security Notice Fraud Alert.... @ Thursday, July 14, 2005 2:26 PM

YEah i still have 3 parts of that roller-coaster ride to finish and I cant seem to get to it with my new home, work and stuff.

But yeah am a madras, PSBB-guy. Not that it matters - but it is pretty much thelast thing I did when i lived in Madras.

Pradeep U.N.

# re: Deep C Phishing: PayPal Security Notice Fraud Alert.... @ Thursday, July 14, 2005 5:27 PM

I had rec'd a washington mutual email once about abormal activity on my account and a call to login from the link in the email and verify information. Of course I had no WAMU account personally, but being curious I followed the link and eventually got to the page and tried to disassemble it. Here are somethings I observed -
1.) Exact copy of the WAMU page including the source (well almost exact), hosted on some strange webserver.
2.) No lock icon or hosting on https: (this is normally the dead give-away)
3.) Almost all links except one, direct you to other WAMU pages (which are asp pages BTW)
4.) The main "login" link leads you to some unknown php page.
Smart eh ? But using an ordinary non-techie person as an example, it is easy to see how one would fall for these scams.

krakow

Leave a Comment

(required) 
required 
(required) 

  
Enter Code Here: Required
© 2009 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement  
Page view tracker