or Connect
EpicSki › The Barking Bear Forums › EpicSki Community › Community Discussions & Forum News › PayPal / Ebay / Bestbuy warning...
New Posts  All Forums:Forum Nav:

PayPal / Ebay / Bestbuy warning...

post #1 of 10
Thread Starter 
This morning I received the email below. It looked legitimate, had a PayPal email address, etc, but as I read it, I thought PayPal do not need my PIN number, which I would NEVER give out. So, I did a quick search on the net, and found this...
PayPal email

So, just to warn you, if you receive a mail like this which looks like it's from PayPal, DO NOT FILL IT OUT!


Here is the mail:

Dear PayPal Customer

This e-mail is the notification of recent innovations taken by PayPal to detect inactive customers and non-functioning mailboxes.

The inactive customers are subject to restriction and removal in the next 3 months.

Please confirm your email address and and Credit Card info number by logging in to your PayPal account using the form below:

Email Address:
Full Name #:
Credit Card #:
Exp.Date(mm/yyyy) #:
ATM PIN (For Bank Verification) #:

[ June 24, 2003, 11:34 AM: Message edited by: dchan ]
post #2 of 10
Good catch, Fox, and thanks for the heads up.

Amazing. The sad thing is that I'm sure a lot of people will just blindly send that in.
post #3 of 10
FYI there have been a flood of ebay scams requesting the same type of info, be aware..
post #4 of 10
I got it a while ago, and smelled a rat right away. The PIN# request was a dead giveaway if the rest hadn't already been suspicious. :
post #5 of 10
I got it too, and looked at the raw HTML of the fraudulent email.

This is a classic "man-in-the-middle" exploit - It submits the form to a site at the UK free hosting site port5.com, Portland Communications. The offending site is a redirect page at ronaldhomepage.port5.com:

form action="http://www.paypal.com@ronaldhomepage.port5.com/post.php"

Note the clever use of the www.paypal.com@ before the real part of the URL. Most browsers ignore any part of a URL before an @ sign, but to a casual viewer it looks like it goes to PayPal.

Then as soon it apparently steals your login and credit card information, it actually does send you to PayPal with a login URL. So you'd believe it really was PayPal.

I can't believe that PayPal allows a login that has the password and login in the URL - that's what allows this type of exploit to happen with the real login at the end.

And I really can't believe that Port5 free webhosting still has that site up. I've emailed their abuse desk and postmaster address - I hope they kill this right quick.
post #6 of 10
I got this too the other day and it sure looked real. I did a double take on it. Then I forwarded it to info@paypal.com and they confirmed it to be a hoax. I'm willing to bet a lot of people gave that info.

post #7 of 10

FYI now Bestbuy.com is getting hit with this scam as well. Beware.
post #8 of 10
Yesterday I got an email that looked like an official eBay buyer inquiry. It referred to a watch the person wanted to buy. I currently have nothing on eBay and have never sold a watch. I did a search for the item number listed and no such item exists either. The email had an attachment with .exe on the end (always a scary proposition). I have no idea what they were trying to achieve, maybe a virus or maybe just getting me to respond and confirm my address for a mailing list. I punted it, keep your eyes open.
post #9 of 10
Watch out guys,

Here's another one. It comes across as a notification that your paypal account has been limited and refers you to a page that looks like the paypal sign in but after looking at the source code of the email, it's really a different address. Don't fall for it. This one came with a "from" address of service@paypal.com however it's a spoofed address from buendgen@wu-wien.ac.at
post #10 of 10
Good job men and ladies.
I just got one from ebay about my cc# was inactive,yeah right. I check the properties of the email and it was a totally false email addy and a another reply addy. I ought infect their well never mind. Thanks for the heads-up epic skiers. I've got my sights on J.Hole this winter.
New Posts  All Forums:Forum Nav:
  Return Home
EpicSki › The Barking Bear Forums › EpicSki Community › Community Discussions & Forum News › PayPal / Ebay / Bestbuy warning...