Forums » Prodigious New Paypal Phishing Scheme

Comments on news posted 2006-05-09 09:34:39: One of our users has been exploring a massive new Paypal phishing operation making the rounds, and dissects it in our Scambuster's forum. According to his analysis, the scam snared more than 1,100 victim accounts within 72 hours. "In the two y.. ..



User0101
Premium
join:2002-12-12
S-ZZ9-PZA
clubs:
Phishing With The Wrong Bait

Why anyone would follow a link sent to them through EMAIL "to update their account" after so many repeated phishing attacks over the years truly surprises me.

I feel sorry for the victims and I'm sure that this will be a tough lesson learned.


AnonProxy
Proxy of Anon
Premium
join:2001-05-12
ß

The reason these things work is because people are STUPID.
At this point and time NO ONE with half a brain should even respond to anything of the like.
If you are so stupid to respond to an e-mail from "paypal" (jesus just look at the headers if unsure) stay off the "interwebs".

brianiscool

join:2000-08-16
Miami, FL
Some people have no sense of intelligence.


technick
Premium
join:2000-12-16
Loganville, GA


reply to AnonProxy
said by AnonProxy:

The reason these things work is because people are STUPID.
At this point and time NO ONE with half a brain should even respond to anything of the like.
If you are so stupid to respond to an e-mail from "paypal" (jesus just look at the headers if unsure) stay off the "interwebs".

It's great that these "web consultants" were schooled... The web is full of idiots... I wonder how much these phishers make in a year. If it wasn't for these stupid people, phishers would exist and the international lotto / off shore fund transfers wouldn't exist.
--
"Our greatest glory consists not in never falling, but in rising everytime we fall." - Confucius

Bellsouth Free Since 10/05 - To Hell With Bellsouth

Advocatus Diaboli

rammjet

join:2003-08-27
West Palm Beach, FL
reply to User0101
What if someone created a bunch of eBay pages with Buy Now prices that were too good to be true?

Then the link to Paypal was bogus?

b10010011
Whats a Posting tag?

join:2004-09-07
Bellingham, WA
 1000 idiots

Look at the examples; none of the URLs are even secure (HTTPS). Most of them are not even PayPal.

People will never learn!


Jason Levine
Premium
join:2001-07-13
USA

Easy way to avoid Phishing

I've gotten the "your account needs to be updated" and the "someone has added an e-mail address to your account" Paypal phishes for quite a while. Of course, I just junk them, but there's an easy 4 step method for double-checking that it's a phish without falling for the phish.

Step #1: Don't click on any links in the e-mail!
Step #2: Open a new Browser Window.
Step #3: Type "http://www.paypal.com/" in the address bar.
Step #4: Log into your account.

Now if it's a valid warning, there should be some type of warning in your account area as well as a method of fixing the problem. If not (and most likely there won't be), report the phishing attempt to spoof@paypal.com.
--
-Jason Levine
My Gallery | Jason's Toolbox | PCQandA.com | URateit.com


rewket
Premium
join:2003-08-21
Longueuil, QC

obviously

This guy is made to be something he isn't on this site.
1100 in 2 days is very normal, I can point you to 5 msn's of people who get more than that in 1 day when they come up with a new idea.
But wow, this scammer sure did some nice work and no, I'm not against phishers.. I like to think that this is natural selection electronic version. Idiots that get phished will
a) quit the internet, hurray!
b) buy lots of protection hence giving money to hopefully a good tech company
c) get educated

emptywig
Huh? What?
Premium
join:2002-08-05
Pasadena, TX
So I guess you're not against murder, or robbery, or usury, extortion, either? All natural selection, right? Whoever has the biggest stick and all that?

wig

jsuboh

join:2002-06-13
Earlimart, CA
·RoadRunner Cable

Put some of the blame on PayPal

I don't blame the victims for being stupid. Paypal still does not implement SPF properly or for that matter any other type of email address verification. Also, many ISP email servers do not verify email address through SPF or other means. Another thing is that PayPal has been sending out emails to agree to their new terms or your account will be suspended (sounds Phishy to me) similar to what these scums do. So, again I don't blame these people for being stupid.

gworkman7

join:2005-10-18
Vail, AZ
·PHONE POWER
·magicjack.com
·Qwest.net
·Broadvox Direct

Incontinent?

Look at slide #7, last paragraph, where they apologize for any "incontinence" this may have caused.

Unfortunately, most folks don't look at the URL being produced by a link. If they did, they'd see that they are being pointed to an IP address, not paypal.com.

mackjr

join:2006-04-14
Bayonne, NJ
Even more unfortunately, most folks don't know that seeing an IP address instead of paypal.com is a problem.


MDboyz

join:2001-01-11
Silver Spring, MD

reply to jsuboh
Re: Put some of the blame on PayPal

I don't get it. How is this Paypal's fault? I don't think Paypal has control over which link its customer clicks on. And I've never received any email from Paypal that requires me to click on any link to verify anything or agree to anything.
--
My life is on the fast lane ... Verizon FIOS..

nonner9

join:2005-10-14
Charlotte, NC

Part of the problem...

Some of these sophisticated schemes will change the HOSTS file in the Windows directory (i.e. through holes in IE security)

Once this is done, any calls to www.paypal.com can be redirected to an IP address without the user seeing the IP or other domain in their web browser. This was one of the main reasons the Bank of America phishing scheme duped so many people.
If you remember, the BoA scam was around the time that there was the IE bug with images which allowed malicious access (i.e. changing HOSTS file)

If you want to check the file 'hosts':
.\WINDOWS\system32\drivers\etc\

It should look something like this and 99% of the time it should be empty, this is mainly a carry over from Win NT days, so if you don't know why an entry is there, it probably shouldn't be there...

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
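
The hosts-file check described in the post above can be automated. This is an added example, not part of the original post; `parse_hosts`, `audit_hosts` and the sample entries are constructed for illustration. It reports every active entry that maps a name to something other than loopback or 0.0.0.0, so large ad-blocking files stay quiet while a redirected www.paypal.com stands out.

```python
import ipaddress
import sys

# Constructed sample: lines from the stock file quoted above, an ad-blocking
# sinkhole entry, one tampered entry (documentation-range IP) and one bad line.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
# 102.54.94.97 rhino.acme.com # source server
127.0.0.1 localhost
0.0.0.0 ads.example.net              # sinkhole, as ad-blocking lists use
203.0.113.45 www.paypal.com paypal.com   # constructed tampered entry
not-an-ip broken.example
"""

def parse_hosts(text):
    """Yield (line_no, ip_or_None, fields) for every non-comment line."""
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop trailing comment
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            yield no, None, fields              # first column is not an IP
            continue
        yield no, ip, [h.lower() for h in fields[1:]]

def audit_hosts(text):
    """Return (line_no, kind, detail) for entries that send a name elsewhere."""
    findings = []
    for no, ip, names in parse_hosts(text):
        if ip is None:
            findings.append((no, "malformed", " ".join(names)))
        elif ip.is_loopback or ip.is_unspecified:
            continue    # localhost and 0.0.0.0 sinkholes reach no remote server
        else:
            findings.extend((no, "redirect", f"{n} -> {ip}") for n in names)
    return findings

if __name__ == "__main__":
    # Pass the path of a real hosts file as the first argument, else use the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for finding in audit_hosts(text):
        print(*finding)
```
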

nonner9

join:2005-10-14
Charlotte, NC
reply to mackjr
Re: Incontinent?

or the ip address has been switched behind the scenes, see my post below


CJ

join:2000-07-18
USA

reply to AnonProxy
Re: Phishing With The Wrong Bait

I like how people are quick to say others are stupid and whatnot. I guess the ones that do are perfect and have never made a mistake or done anything stupid themselves. Tons of new people join the internet every day and are not savvy enough to distinguish a legit or fake email. You think an internet noob would even know what a header was, or an IP address for that matter?

You know what they say about people living in glass houses.


Rifkinn

join:2005-11-21
Sullivan, IN
reply to nonner9
Re: Part of the problem...

lol, my hosts file is 340kb. hundreds of ad blocking popup stopping love.....

b10010011
Whats a Posting tag?

join:2004-09-07
Bellingham, WA
·Comcast Formerly ..

reply to gworkman7
Re: Incontinent?

Well a lot of people could pee their pants once they realise they have been so stupid as to hand over their identity and PayPal account to a scammer.


n2jtx

join:2001-01-13
Glen Head, NY
·Optimum Online

reply to MDboyz
Re: Put some of the blame on PayPal

said by MDboyz:

I don't get it. How is this Paypal's fault? I don't think Paypal has control over which link its customer clicks on. And I've never received any email from Paypal that requires me to click on any link to verify anything or agree to anything.

However, Paypal does send out emails with links to click on to bring up their site. That alone is outrageous. Personally I think all emails from Paypal should have no links embedded and simply give you the address that you need to type into your address bar including the https://. Of course if you receive an "official" email that tells you to go to something like www.paypal.scamme.com and you type it in, you deserve what you get.
--
I support the right to keep and arm bears.


GilbertMark
Premium
join:2001-05-02
Gilbert, AZ
Hmm

Yet another scam for the stupid to fall victim to. People who actually use their head for more than a hat rack will just ignore it.
--
Just because a word has an S in it doesn't mean it needs an apostrophe too.