- The following alert is not provided because
I have any stock or interest in any company like Paypal, nor do I
have anything against them. This information is provided strictly to help
protect readers against a new slick kind of identity theft. Most likely
this new trick you'll read about below will be increasingly used
by other hackers, too. A new fake Paypal email described below just came
in this morning. Think of it like counterfeit money - can you always tell
the real from the fake?
- PHISHING WITHOUT A LICENSE
-
- This problem is happening with other
internet companies such as overstock.com, Amazon and other book companies
where millions have accounts at. What you will read below isn't intended
to single out Paypal as the only company experiencing this problem. The
purpose of this alert is to provide a real example of what these
bogus emails are about. This is also an example of something
called "phishing" by network system administrators - which is
another form of data mining. Banks have been putting up with this for years,
as online thieves attempt to get people to log in to bogus websites and
enter sensitive and personal information. To the unwary, it can spell financial
disaster. Online thieves know that by sending out millions of these emails,
sooner or later they will find a few hundred people who actually do have
bank accounts with a certain bank. And of those people - a few are
naive enough to enter their personal account access information.
- THE NEW TRICK
-
- In the PAST, when an email from Paypal
(or anywhere else) came in one could easily tell that it was a fraud by one
simple step. You could hover your mouse pointer over the blue URL
in the email, and look down at the bottom bar of your email program. A
completely different URL would then appear there. Now hackers have found
a way to trick your email program into displaying the SAME URL in that
bar as in the text of the email, to make you believe it's real. It's only
when you click on that link which *appears* legitimate, will you see a
different URL appear in your email program, Then your browser will go to
that hacker email address.
- WARNING: If you ever find yourself going
a fake look-alike URL, disconnect your internet immediately be turning
off or unplugging your modem, or disconnect the modem from the
phone line or cable. Close your browser IMMEDIATELY as a virus,
trojan or worm may have already loaded into your computer. Be
certain you ALWAYS run with a firewall set to maximum, and use good virus
protection program kept up to date! If you have accidentally let your browser
load a fake URL page, disable your internet access immediately. Run a complete
scan of your hard disk using your up to date virus protection program.
Your personal identity and your bank account may be at stake.
-
- Be aware that there is always the
possibility in today's morphing virus, trojan and worm world we live
in - that your protection software MAY NOT FIND THE HIDDEN BUG.
- NEVER count on an anti-virus program
to protect you from harm and give you a false sense of security, thinking
you go exploring anywhere on the web. Anti-virus programs are updated
many days AFTER a virus, trojan or worm is found on the web and damage
has already taken place. Fake WebPages are truly like the old expression
- if you play with fire, you're going to get burned.
- 1. This recent fraudulent Paypal
email will contain a link like this to click on:
-
- http://www.paypal.com/security/update.cgi=129943
- 2. Rolling your mouse over it will STILL
SHOW a URL that *appears* valid:
-
- http://www.paypal.com/security/update.cgi=129943
- NOTE: The above link is NOT a valid Paypal
webpage.
- However, the hacker's URL is a real webpage
that you'll be taken to very fast if you are foolish enough to click on
it. And that page looks like a real Paypal webpage. The .de extension
indicates this is may be a URL in Germany, but one cannot
be certain of that. For example, there are many dot-com URL addresses that
are Canada and do not end with .ca.
- 3. Here is the actual fake Paypal URL
you'll be taken to in the email.
- WARNING!
- DO NOT GO TO THE FOLLOWING URL.
- THIS IS PROVIDED FOR INFORMATION ONLY.
- Part of it has been changed here to
--- in order to prevent accidental or intentional access.
-
- http://gamerg---.de/vwar/includes/language/paypal-update/index.html
- If you were to go to this URL one
can expect to have their money or credit, Paypal username and password
stolen. Keep in mind that the "129943" on the end of the
fake URL in the email is most likely a randomly generated number and may
be different in your email, too.
- CAUTION! DO NOT BELIEVE your email is
valid because your e-mail's number is different from the one shown
above.
- In a valid link for a Paypal email, you
would not be re-directed to a non-Paypal website. To date, I've never received
a real request yet from Paypal asking me to update my information. Although
I'm not a violent person, I do believe that those who broadcast fake URLs
out on the web like this should be taken out and shot. The damage the thieves do
to people's lives is beyond measure.
- Ted Twietmeyer
- www.data4science.net
- www.bookonmars.info
|