Watch out for a new case of phishing scam (PayPal) Thread poster: Izabela Szczypka
|
|---|
Hi all
Just today I found phishing scam in my secondary mail, never registered with PayPal, but receiving some spam. I've already reported it to PayPal, but beware...
The message is short and simple, and in my case the "click here" link is:
[removed. thanks for correcting me, guys ]
Iza
P.S. Just checking if it will be suffi... See more Hi all
Just today I found phishing scam in my secondary mail, never registered with PayPal, but receiving some spam. I've already reported it to PayPal, but beware...
The message is short and simple, and in my case the "click here" link is:
[removed. thanks for correcting me, guys ]
Iza
P.S. Just checking if it will be sufficiently crippled:
http://rrcs-74-218-5-38,central,biz,rr, com / www.paypal.com/webscr.html ? cmd=_login-run
P.S.2 It works Thanks for the advice, PAS
[Edited at 2009-09-06 10:56 GMT] ▲ Collapse
| | | | Jan Willem van Dormolen (X) 
Netherlands
Local time: 04:47
English to Dutch
+ ...
...do not post fraudulous content, such as that 'click link'. If people accidentally click on it, they're ****ed.
| | | |
Jan Willem van Dormolen wrote:
...do not post fraudulous content, such as that 'click link'. If people accidentally
click on it, they're ****ed.
Yes, I agree with Jan. Fraudulent links should not be posted.
This kind of scam happens once in a while, not limited to Paypal only, but also Moneybookers, EBay, and some bank you've never heard of. For the past few days, I have been receiving phishing mails from "Bank of America" which I never heard of nor have any accounts.
And one advice (though doesn't apply always but) to distinguish these scam or phishing mails is look at the recipients address closely, since they're not your email address. For example if your email address was john_doe@ xyz.com, the recipients name would be something like a variety of john_doe, and the part after the @ mark would be something like yyz.com.
| | | | PAS
Local time: 04:47
Polish to English
+ ...
| If youse clicks, yer ******.... | Sep 6, 2009 |
Actually I would post that link, but cripple it by a few spaces or additional characters, so that everyone could see the name of the link to know what to avoid.
Best,
P.A.S.
| | |
|
|
|
Stuart Dowell
Poland
Local time: 04:47
Member (2007)
Polish to English
+ ...
Thanks for the warning Iza.
| | | | abufaraz
Pakistan
Local time: 08:47
English to Urdu
+ ...
PAS wrote:
Actually I would post that link, but cripple it by a few spaces or additional characters, so that everyone could see the name of the link to know what to avoid.
Best,
P.A.S.
Yes, it is a good method of making the readers aware of the link as well as saving them from the dangers of clicking it.
| | | | Susan Welsh
United States
Local time: 22:47
Russian to English
+ ...
| Not a question of this link or that link, but of basic security hygiene... | Sep 6, 2009 |
aburiaz wrote:
PAS wrote:
Actually I would post that link, but cripple it by a few spaces or additional characters, so that everyone could see the name of the link to know what to avoid.
Best,
P.A.S.
Yes, it is a good method of making the readers aware of the link as well as saving them from the dangers of clicking it.
By which I mean, you should NEVER click on a link in an email ostensibly from PayPal or a bank or whatnot, but go to the site directly and find whatever they're talking about. The exception, I guess, would be if you're in an ongoing dialogue, initiated by you, concerning a problem that you're having, and they tell you to click on a link, for example, to download a patch for your system.
Somewhere on the Proz site, I'm sure there's a list of basic security precautions.
You cannot "memorize" all the "phishing links" in the world. (Of course, they change all the time.)
| | | | | Telltale signs | Sep 6, 2009 |
PayPal's help screens say that if they ever send you a message, it will begin with:
Dear XXX,
... where XXX is precisely your full name as registered with PayPal. They advise to disregard any message starting out with "Dear User,", "Dear Customer,", etc.
The second thing is that while they may give you instructions by e-mail on what you should do, make "threats" on what might happen if you don't do it... See more PayPal's help screens say that if they ever send you a message, it will begin with:
Dear XXX,
... where XXX is precisely your full name as registered with PayPal. They advise to disregard any message starting out with "Dear User,", "Dear Customer,", etc.
The second thing is that while they may give you instructions by e-mail on what you should do, make "threats" on what might happen if you don't do it, they'll never provide any link to click on: they'll tell you to log in to your account there, and (if necessary) click on some menu item to get instructions.
Phishers and virus developers are just on the lookout for people who are "click-happy". ▲ Collapse
| | |
|
|
|
José Henrique Lamensdorf wrote:
They advise to disregard any message starting out with "Dear User,", "Dear Customer,", etc.
(...)
Phishers and virus developers are just on the lookout for people who are "click-happy".
And I never said I followed the link - am too old to click happily around and have seen too many of those.
But as the scam refers specifically to Paypal which many of us use, I decided to ring another warning bell, for the double protection of our community.
BTW, the phishers are getting smarter, too. No 'Dear User / Customer' stuff this time, a simple message:
You have 1 new ALERT message
Please login to your PayPal account in order to read the message.
To proceed, please click here
Thank you for using PayPal
Copyright © 2009 PayPal Inc. All rights reserved.
Quite persuasive - a sentence you'd expect from Paypal (please login) and a shortcut offered immediately afterwards. Some people might get caught before even starting to think...
| | | | Jeff Whittaker
United States
Local time: 22:47
Spanish to English
+ ...
| Caryl Swift
Poland
Local time: 04:47
Polish to English
+ ...
... for the heads up! And yes, I agree, the wording they used could catch the unwary. It nevert hurts to be doubly forewarned. Thanks for that, Iza!
Caryl
| | | |
If only people read the initial posts more carefully...
| | |
|
|
|
Paul Daubreu (X)
Local time: 04:47
French to German
+ ...
| Shut the site down? No way! | Sep 7, 2009 |
Jeff Whittaker wrote:
I get these all the time. It you want, you can forward the e-mail to [email protected] (so they can shut the phishing site down and maybe prosecute the crooks).
Quite honestly, I never heard or read that such a site was shut down. What I saw is that phishers had hacked some genuine sites and created a fraudulent subdomain within those sites, hence the very long and very confusing links (hover over them with your mouse and they will be displayed in full at the bottom of the page in question).
In France at least, there are domestic free e-mail providers who are known for their high acceptance of "Anything goes as long as you use an e-mail account bearing my domain name". I sent them many e-mails and never received a single reply - this to the contrary, ISP's offering paying e-mail accounts replied... once from time to time.
| | | | John Fossey
Canada
Local time: 22:47
Member (2008)
French to English
+ ...
| Send the whole email | Sep 8, 2009 |
Yes, PayPal does pursue and occasionally prosecute these scammers. To say the least, some email hosts will shut them down once they are notified of a scam. It helps them to recevie the entire email. You can "Save AS..." the email then add it as an attachment to [email protected]. That way they get the entire email which can help them trace the originator.
| | | | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Watch out for a new case of phishing scam (PayPal) | Trados Business Manager Lite | Create customer quotes and invoices from within Trados Studio
Trados Business Manager Lite helps to simplify and speed up some of the daily tasks, such as invoicing and reporting, associated with running your freelance translation business.
More info » |
| | Protemos translation business management system | Create your account in minutes, and start working! 3-month trial for agencies, and free for freelancers!
The system lets you keep client/vendor database, with contacts and rates, manage projects and assign jobs to vendors, issue invoices, track payments, store and manage project files, generate business reports on turnover profit per client/manager etc.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
Translation news
