Friday, 20 November 2009
Home arrow Reference arrow Tech Talk arrow Phishing for PayPal

Advertisement
See Our Latest Ads

Click here to check out our new ads!

 

Support
Located in Poulsbo, WA, USA
Operating on Pacific Time.

Email: support@stopsign.com
iShield
Related Items
Main Menu
Home
Products
Reference
Support
Company
Downloads
FreeScan
Purchase
Phishing for PayPal

I recently received an email that was supposedly from “PayPal.” The sender was This e-mail address is being protected from spam bots, you need JavaScript enabled to view it It said that my account was about to expire and that I need to update my information. There is a link provided in the email that appears to be legitimate, but it doesn't take you to PayPal's site -- though the site to which it takes you it looks almost just like the PayPal site.

You will find some screenshots and more information on this Phishing scam within this article.

Below is the email that I received today:

Image

When you click on the link provided, a legitimate looking page loads. However, the site begins with an IP address and then the PayPal site, as seen in the screen shot below.

Image

It claims it will log you in to PayPal when you enter your information, but what it really does is just record your information. We used a dummy account and were able to log in, even though the dummy account isn't actually a real Paypal account. Once you log in, it asks you to update your information, including credit card information and social security number.

Image

After you update your information, it will try to log you in to the legitimate PayPal site.

Image

This is an elaborate phishing scheme based on a site that mimics the legitimate PayPal site. The attackers are trying to trick unsuspecting users into giving up their account information. This information could be used to steal not only your account, but your identity!

Please be careful about opening or following instructions in emails that ask for personal information. Always verify the sender, and make sure that the company that it's claiming to be from actually did send that email. If they didn't, your call will notify them of the scam so they can take action to stop it. Do not use the phone numbers provided in an email address; use information from a statement from the company, information you got when you signed up for the account, or the actual website.

It is easy to get caught by these phishers if you aren't careful. Always question any email or website that asks for personal information. I've had friends that were caught by phishing scandals -- they now know not to trust all the emails that they receive and know to verify that the emails they receive are legitimate.


 
Design by Team StopSign | Powered by eAcceleration.com
© 2009 StopSign.com

Top!