MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
| reply to ScamHelpPlease
Re: PayPal.com phish scam, help me!
said by ScamHelpPlease :
.... And the E-mail I got saying I paid out $60 to this company called Nexon was using a phishing URL, yet it had my real contact info. It looks like the transaction is real, so I'll have to call PayPal
That has happened before, there are multiple threads in this forum of "targeted" paypal phishing mail. I recall one thread where the phish mail not only had the victims real id name. but also his correct address. I cannot find the correct search keys to find it, but I do remember it. I think it may also have a post where we showed phishers that we caught who had printouts of names addresses and email addresses that they bought form places like netdetective.com with carded accounts. Since your Paypal id is always an email address, it is not difficult to send millions of phish mails and hit many people with matching PayPal accounts.
MGD |
|
ScamHelpPlease
@verizon.net
| reply to MGD
I haven't been to PayPal in years, and it didn't have my e-mail address in the login box when I went to the page for the first time today. No one else uses my PC except for me. I don't know how the language change happened, but it is highly suspicious. The transaction appears to be real, I see two payments for $30 to a company called Nexon. Nexon appears to be an asian company that makes online RPGs, so the asian language again seems very suspicious. I wonder how they got my account info. The only thing that comes to mind is that I possibly used the same login info on a forum somewhere, and whomever could get access to forum login information could attempt to use it anywhere else. BTW, thanks for helping everyone. It's good to know I can come here for help. Hopefully I'll be able to resolve this tommorow with PayPal. Thankfully the sending limit was reached at $60. |
|
ScamHelpPlease
@verizon.net | reply to MGD
Apparently I wasn't the only one hit:
»www.complaintsboard.com/complain···411.html |
|
MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
| Very good catch !!
That explains the foreign language setting, they logged into your account from Asia, and paypal remembers the last logon setting.
This I presume is the company paid? »www.google.com/search?hl=en&q=%2···C+inc%22 gaming, based in Los Angeles.
MGD |
|
K Patterson
Premium,MVM
join:2006-03-12
Columbus, OH | I wonder if the fraudulent charges ae coming from gamers - the company appears to be legit. |
|
Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
clubs:
| reply to MGD
This is the game. Very Strange, but very popular to many it seems.
MapleStory
»en.wikipedia.org/wiki/MapleStory
quote:
MapleStory (Korean: 메이플스토리) is a free-of-charge, 2D, side-scrolling massively multiplayer online role-playing game developed by the South Korean company Wizet. Several versions of the game are available for specific countries or regions, and each is published by various companies such as Wizet and Nexon. Although playing the game is free, character appearances and gameplay enhancements can be purchased from the "Cash Shop" using real money. MapleStory has a combined total of over 50 million subscriber accounts in all of its versions.[3][4] MapleStory North America (Global), for players mainly in North America and outside of East Asia, Southeast Asia and Europe, has over three million players.[3]
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time? |
|
ScamHelpPlease
@verizon.net
| Since the language was in Chinese, I'm guessing they're "gold farmers" who sell the ingame items for real cash. I think that maybe this hides their identity since it's a 3rd party that does the billing and they won't get the cooperation of Nexon America to actually stop these people. |
|
Harr Harr Harr
@cot.net
| reply to ScamHelpPlease
This is why Nexon America did crack down on what types of Paypal accounts you can use to charge their NX cash.
I have a feeling you somehow did get phished by a gold farmer or something similar and they got a hold of your account information from paypal. Though, did the email come supposedly come from Paypal or Nexon? It should only come from Paypal.
An official reciept from buying from Nexon America SHOULD look like this:
service@paypal.com
Dear Name,
This email confirms that you have paid Nexon America Inc. (billingpp@nexon.net) $10.00 USD using PayPal.
Payment Details
Transaction ID: ###################
Item Price: $10.00 USD
Total: $10.00 USD (Ex.)
Buyer: Name.
It may take a few moments for this transaction to appear in the Recent Activity list on your Account Overview.
Business Information
Business: Nexon America Inc.
Contact E-Mail: billingpp@nexon.net
Your Confirmed Address
Shipping Info: Your address or whatever here.
If you have questions about the shipping and tracking of your purchased item or service, please contact Nexon America Inc. at billingpp@nexon.net.
Thank you for using PayPal!
The PayPal Team
Your monthly account statement is available anytime; just log in to your account at »https://www.paypal.com/us/HISTORY. To correct any errors, please contact us through our Help Center at »https://www.paypal.com/us/HELP.
Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and choose the Help link located in the top right corner of any PayPal page.
To receive email notifications in plain text instead of HTML, update your preferences here.
PayPal Email ID #####
Because the game MapleStory attracts A LOT of those gold farmers from other countries, but they have to work via proxy, because there are many sites that are dedicated to selling the currency for actual money (usually cheap or something, I dunno). |
|
AlphaC
join:2008-12-25
| reply to ScamHelpPlease
We track a lot of the domains advertised in spam at the forums at »ksforum.inboxrevenge.com . Since they are carrying out criminal activity, they're registered with fake/stolen identity information, and usually paid with stolen credit/debit/paypal accounts.
It's frustrating for us to see the magnitude of the fraud from our point of view (hundreds of thousands of domains at about $10 each), yet see the financial institutions looking at it as a lot of tiny charges not worth pursuing. Shoot, they even give these guys merchant accounts and let them check credit cards in real time for people buying their fake viagra and male member enlargement crap.
I'd encourage anyone who has experienced this type of fraud to pursue it vigorously. In the case of these spamvertised sites, you really want it on record that you are not involved in the scam, and you want to make sure the registrar removes your name from public whois information.
I realize this is a very sensitive issue. But since most people who are victimized have no idea what I just said and may have arrived on this forum via a Google search, I'd invite them to visit our forum to get help learning how to extricate their identities from fraudulent domain registrations. |
|
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
 ·AT&T U-Verse
 ·AT&T Midwest
| It's frustrating for us to see the magnitude of the fraud from our point of view (hundreds of thousands of domains at about $10 each), ... Part of the problem is that domain registrars do a poor job of checking the legitimacy of domain purchasers.
--
AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.5 |
|
AlphaC
join:2008-12-25
| said by nwrickert  :Part of the problem is that domain registrars do a poor job of checking the legitimacy of domain purchasers. That's something spammers really take advantage of. A large registrar is going to be processing several thousand new domains every day. It's all automated. There's no human looking at the whois saying, "LOL! They expect me to believe that?"
Registrars can develop systems to identify fraudulent registrations based on the "fingerprints" of other known fake registrations. We worked very closely with an admin at TodayNIC when they were being inundated with spam registrations and were able to help him automate identifying and suspending fraudulent registrations; TodayNIC now gets far fewer new registrations as spammers take their domains and credit card chargebacks elsewhere.
Why don't all the registrars do that? Part of it is that they just don't know as much about these spam operations as those of us who concentrate on researching them, part of it is they aren't charging enough for a domain registration to spend a lot of money on aggressive enforcement of AUPs, and part of it is that many really don't want to get into policing website content (porn, especially), so they insist that complaints about spam and fraud go to the hosting service instead.
ICANN does require them to act on fraudulent registrations, but they don't require them to do it quickly and they don't particularly specify what action they need to take -- is emailing the "registrant" and allowing him to substitute new fake information for old info sufficient? Or should they Google the new address to see if that exists either, for instance?
Meanwhile, the policy of insisting that only the hosting company can act on spam or fraudulent content is specious. The worst of the worst websites are all hosted on hijacked computers, and the IP addresses you see when you look them up are only the first step in a bucket brigade of servers transferring files back and forth. If you were to be able to contact the owner of the hijacked server you see, he won't find any of the website files on his machine. And he's probably not all that concerned anyway if he doesn't even know there's a trojan on his machine in the first place. |
|
