REPORT SUMMARY Date Reported
19th & 26th February 2004
Apparent Sender
Paypal Subject
Verify your identity Senders Address
(spoofed)
verification@
paypal.com Content
text with a disguised
link to forged
web page and
which uses URL
spoofing Spoofed Web page/site?
Yes Web page/site origin
SPOOFED URL
http://
www.paypal.com
TRUE URL
http://
207.173.186.52:85
OR
http://
210.14.228.66/
sr/verify.htm
More... HOME Latest
email scam See our guide to
phishing scams Other
Resources... See our guides to 1st Edition Books Book Terminology Free Utilities... Worldwide Currency
Converter Auction Watcher List of
Auction Sites |
|
|
|
Paypal - Verify your identity - Phishing Scam
19th & 26th February 2004
This spoof email claims that Paypal have upgraded their
server and need you to complete the registration form again...
read also our brief guide to Phishing
This spoof Paypal email (see image below) is a forgery which
contains a disguised link to a forged web page (see image below) which aims to
convince users to give up their personal and financial information.
The scam further utilises the URL spoofing vulnerability
that exists in unpatched versions of Internet Explorer. This bug allows the URL
(in the browser address bar) to be spoofed - for instance, www.ebay.com could
be shown while a forged page at a completely different URL would be shown in
the browser window. Please ensure that you run Windows Update to patch your version
of Internet Explorer.
This bug has been increasingly exploited by email
scammers in the last 4 to 6 months, and they continue despite Microsoft's recent
patch. The vulnerability allows a fake URL to be shown in the status
bar of Microsoft Outlook and browser products (while holding the cursor over
the link). We have set up a
Browser
Test cloaked link which you can use to see if your browser is vulnerable.
You can also check links in emails or web pages for cloaking using our
Link
Checker, and you can check for URL spoofing while at a web page using
our URL
Checker (which will also reveal the true origin of the web page that
you are viewing). |
|
Stay
informed of the latest Spoof Email Phishing Scams with either of our FREE alert services...
Email
Alerts
Add your email address to our email alert service...
Subscribe
Privacy Policy
RSS
News Feed
Tap into our Scam Alert service using your News Reader or Aggregator (including
My Yahoo!).
Scam Alert News Feed
You can even put the latest alerts on your own web
site. |
If you have received this email, please remember that it
is very common for these email scams to be redistributed at a
later date with only slightly different content or the same but with the fake
page(s) hosted by a different provider. Also, once you have received one of
these hoaxes, it is also common place to receive at least another one
and usually a day or two after the first, although not necessarily from
the same apparent sender.
Take a good look at the following images, because this email scam may be coming
to an inbox near you!
The Email ...
|