Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Paypal Spoof Mail

  • 02-08-2006 5:51pm
    #1
    Closed Accounts Posts: 5,362 ✭✭✭


    I reported a mail I got to paypal today which turned out to be a spoof. It arrived in my inbox from service@paypal.com and had paypal logos everywhere etc. It looked genuine.

    The subject basically said I had recived a dollar amount from a person. It seemed to be a confirmation email. I assumed that someone had put money into my account by mistake so I clicked the "view transaction details" link.

    I dont suggest anyone uses this link but it was http://ww w.paypal.com.cgi-bin.websc.cmd.login-run.mn/

    Again I thought it was genuine so I tried to log in and had no luck. (Basically I think this was also a fake website).

    So.. to cut a longer story short, the worst these people have is my email address and password.. and access to my paypal account. I've changed the password on the paypal (no activity has gone on between when I got the mail and now) and also changed the password on my email account.

    Should I get the bank to issue me a different credit card? i.e. could they have used my paypal account to get the credit card number and use it?

    Thanks!


Comments

  • Closed Accounts Posts: 36,634 ✭✭✭✭Ruu_Old


    At least give the credit card company a call and get them to notify you of any suspicious activities (most of them will do so anyway). Let them know the situation, I would probably get a new credit card (or maybe they can change the number for you instead of going through hassle of forms, etc) Bad luck. :(


  • Closed Accounts Posts: 5,362 ✭✭✭Trotter


    Ruu wrote:
    At least give the credit card company a call and get them to notify you of any suspicious activities (most of them will do so anyway). Let them know the situation, I would probably get a new credit card (or maybe they can change the number for you instead of going through hassle of forms, etc) Bad luck. :(

    I think I will.. just to be on the safe side. Im normally very careful but jeez how are ya supposed to know if its paypal or not. Although.. theres no way of finding the credit card number from the paypal site, even if they did have the login. The first 12 digits are X'd out. So.. they havent used the account, and cant access the card number. The password is changed now, so hopefully.. maybe just getting the bank to watch out for a while might be enough.


  • Closed Accounts Posts: 36,634 ✭✭✭✭Ruu_Old


    A few of those emails I have come across would come into my inbox in Mozilla Thunderbird which would mark it as junk mail right away. You can normally tell by just running your mouse over the email or link and you will notice that something is not right (ie the link shown might be www.paypal.com but its actually http://82.11.123.0.1/bin, which could be a remote computer somewhere logging your details). Some of them are very convincing, some are very stupid. As always check if the link is secure (it should always be [https://www.paypal.com]. Paypal emails always send emails with the account name like Dear Trotter, the fake ones normally come as Dear member or Dear Paypal user.


  • Subscribers Posts: 19,425 ✭✭✭✭Oryx


    Best advice is never ever follow links from an email. Go to the site and log in in the normal way. These guys get more clever all the time. Hopefully you wont lose out because of it, and thanks for posting a warning.


  • Closed Accounts Posts: 5,362 ✭✭✭Trotter


    Well in this case I think I've caught it soon enough. They havent got my credit card details, havent used my paypal account, cant access my email or paypal account now and I've changed my ebay password too.


  • Advertisement
  • Closed Accounts Posts: 1,031 ✭✭✭whassupp2


    having read your post, i was just wondering is there anybody that you can report this to and anyway of catching the people behind this???


  • Closed Accounts Posts: 5,362 ✭✭✭Trotter


    whassupp2 wrote:
    having read your post, i was just wondering is there anybody that you can report this to and anyway of catching the people behind this???


    I've reported it to the fraud dept in paypal and the mailed me back saying "Our fraud prevention team is working to disable any website linked to
    this email."

    I doubt theres anything else I can do.


  • Closed Accounts Posts: 36,634 ✭✭✭✭Ruu_Old


    whassupp2 wrote:
    having read your post, i was just wondering is there anybody that you can report this to and anyway of catching the people behind this???

    You report them to Paypal. I'm sure they have thousands of them everyday and I'm sure they have someway of tracking down the people responsible, I bet its some amount of work to do though. It could be, a great deal of the time, just a remote computer in the middle of nowhere that logs all the details.


  • Registered Users, Registered Users 2 Posts: 5,430 ✭✭✭Sizzler


    I have to say I wouldnt believe any such email, a few very valid points have been raised in subsequent posts but its fair to say that such mails stand out like a sore flute so tread carefully.

    As well as reporting such emails to spoof@paypal.com you can also report it to :

    http://www.antiphishing.org/report_phishing.html

    Generally these sites are shut down within hours of go live but you can be sure they will catch out more than one person in that window.


  • Closed Accounts Posts: 5,362 ✭✭✭Trotter


    Sizzler wrote:
    I have to say I wouldnt believe any such email, a few very valid points have been raised in subsequent posts but its fair to say that such mails stand out like a sore flute so tread carefully.

    Thats easily said when it hasnt caught you out. I think this one was designed not to stand out like a "sore flute".


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 5,430 ✭✭✭Sizzler


    Trotter wrote:
    Thats easily said when it hasnt caught you out. I think this one was designed not to stand out like a "sore flute".

    Post it and we shall do some diagnosis ;)


  • Closed Accounts Posts: 5,362 ✭✭✭Trotter


    Sizzler wrote:
    Post it and we shall do some diagnosis ;)

    You mean post it so you can tell me all the things you wouldnt have fallen for? Thats hardley going to brighten my day.
    Sizzler wrote:
    I have to say I wouldnt believe any such email
    Why do you want to see the mail when you already know you wouldnt believe it? You've obviously already seen the email because its the one you wouldnt ever fall for right?

    That or you're just that damn good. I wish I was as clever.


  • Registered Users, Registered Users 2 Posts: 5,430 ✭✭✭Sizzler


    Trotter wrote:
    You mean post it so you can tell me all the things you wouldnt have fallen for? Thats hardley going to brighten my day.


    Why do you want to see the mail when you already know you wouldnt believe it? You've obviously already seen the email because its the one you wouldnt ever fall for right?

    That or you're just that damn good. I wish I was as clever.

    I was going to do you a favour and point out what was wrong with it, but as you said thats not gonna make you feel any better :(


  • Closed Accounts Posts: 5,362 ✭✭✭Trotter


    Sizzler wrote:
    I was going to do you a favour and point out what was wrong with it, but as you said thats not gonna make you feel any better :(

    Sorry Sizzler.. I got the impression that you were gonna gloat. You did say straight away that they stand out like a sore flute and you'd never get caught out.. so thats a tad condescending do you not think? I've a degree in computer science and this one was sneaky enough to catch me. If they stood out I wouldnt have clicked it. Yes I was under pressure with time when I clicked it, but I can assure you, it did not stand out.

    I know what was wrong now.. no lock for indicating a secure site.. no HTTPS.. and the link was

    http ://www .paypal.com.cgi-bin.websc.cmd.login-run.mn/

    whereas the legit link to the related legit paypal page is

    https ://www .paypal.com/cgi-bin/websc... and so on.

    Also it was addressed to my email address and not to my name.


  • Registered Users, Registered Users 2 Posts: 5,430 ✭✭✭Sizzler


    Trotter wrote:
    Sorry Sizzler.. I got the impression that you were gonna gloat. You did say straight away that they stand out like a sore flute and you'd never get caught out.. so thats a tad condescending do you not think? I've a degree in computer science and this one was sneaky enough to catch me. If they stood out I wouldnt have clicked it. Yes I was under pressure with time when I clicked it, but I can assure you, it did not stand out.

    I know what was wrong now.. no lock for indicating a secure site.. no HTTPS.. and the link was

    http ://www .paypal.com.cgi-bin.websc.cmd.login-run.mn/

    whereas the legit link to the related legit paypal page is

    https ://www .paypal.com/cgi-bin/websc... and so on.

    Also it was addressed to my email address and not to my name.

    No bother :) Also note that paypal dont send you links once you have set up an account with them, they direct you to their website but they never give you a click URL.


Advertisement