Searching \ for '[OT]: Paypal scam !?' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: techref.massmind.org/techref/index.htm?key=paypal+scam
Search entire site for: 'Paypal scam !?'.

Exact match. Not showing close matches.
PICList Thread
'[OT]: Paypal scam !?'
2006\06\24@192907 by WH Tan

picon face
Warning to those who use Paypal...

I just noticed that when I key in http://www.paypal.com in address bar, IE
directs me to paypal address http://www.paypal.com, which seems to be
a bit strange...

1st there is http instead of https, and secondly there is no padlock
on status bar.  Manaully enter https will direct me to a site which
seems a bit different from previous one... with the padlock.  My
fellow PIC lister, BEWARE!

By the way, I had seen lately quite a lot of e-mail in my inbox,
pretending Paypal with the security warning etc... It said I have to
log in to prevent my account from being blocked etc etc...  I believe
many had recieved such e-mail too.


Good luck.

--
WH Tan

2006\06\24@202000 by Herman Aa

picon face


WH Tan wrote:

{Quote hidden}

I noticed something strange also (no security, no padlock). I did not notice initially.

I got very suspicious when (further down the form) they asked for the PIN of my bank (imagine!)
The main theme was that I had to provide additional information. Without the required information my account would be restricted and eventually cancelled (if I continued to refuse to provide the required information).

The website looked very genuine.

As I had used my PayPal password to answer the above questions I immediately accessed my PayPal account and changed the password.
I am a very recent PayPal user (new account, less than 2 months old).
I trust that keeps me out of trouble.

Herman. (using Linux-Ubuntu. No more Windows).
---
REPLY is fine for answering this mail.
spam_OUTn0jnTakeThisOuTspamyahoo.com (n-ZERO-jn@). PERMANENT, so WRITE this one down.
    YAHOO is best to send me BIG files.


2006\06\24@205915 by Xiaofan Chen

face picon face
On 6/25/06, WH Tan <.....whsiung.myKILLspamspam@spam@gmail.com> wrote:
> Warning to those who use Paypal...
>
> I just noticed that when I key in http://www.paypal.com in address bar, IE
> directs me to paypal address http://www.paypal.com, which seems to be
> a bit strange...
>
> 1st there is http instead of https, and secondly there is no padlock
> on status bar.  Manaully enter https will direct me to a site which
> seems a bit different from previous one... with the padlock.  My
> fellow PIC lister, BEWARE!

The http://www.paypal.com and https://www.paypal.com page are both fine.
If you verify the links on the page, they are the same. The first page
does not really need the padlock...

> By the way, I had seen lately quite a lot of e-mail in my inbox,
> pretending Paypal with the security warning etc... It said I have to
> log in to prevent my account from being blocked etc etc...  I believe
> many had recieved such e-mail too.
>

Yes that is phishing site. If you look carefully the link it points, it
does not point to paypal.com.

But it is good to be alerted. There are so many phishing email now.

Regards,
Xiaofan

2006\06\24@221319 by PicDude

flavicon
face
Just tried this and it sent me to "https://www.paypal.com"

I also tried "http://www.paypal.com" and it also took me to
"https://www.paypal.com".

There is a form of a virus that will add entries to your hosts file, so it
re-maps URL names to other different IP addresses.  And I believe it will
show the name rather than the IP.

Scan properly for viruses, spyware, adware, etc.  Also try this from another
machine or another installation.

Cheers,
-Neil.



On Saturday 24 June 2006 18:29, WH Tan wrote:
{Quote hidden}

2006\06\25@000025 by Bob Barr

flavicon
face
On Sat, 24 Jun 2006 22:14:55 -0500, PicDude wrote:

>Just tried this and it sent me to "https://www.paypal.com"
>
>I also tried "http://www.paypal.com" and it also took me to
>"https://www.paypal.com".
>
>There is a form of a virus that will add entries to your hosts file, so it
>re-maps URL names to other different IP addresses.  And I believe it will
>show the name rather than the IP.
>
>Scan properly for viruses, spyware, adware, etc.  Also try this from another
>machine or another installation.
>

Do you already have a PayPal account? That happens to me because of a
PayPal cookie that's on my system. The 'https' version of the page
opens and has my login name filled in. I still need to supply my
password to access my PayPal account. All of the links on that page
are to legitimate 'https://www.paypal.com...' pages.


Regards, Bob

2006\06\25@085501 by WH Tan

picon face
2006/6/25, Herman Aa wrote:

> I noticed something strange also (no security, no padlock). I did not notice initially.
>
> I got very suspicious when (further down the form) they asked for the PIN of my bank (imagine!)
> The main theme was that I had to provide additional information. Without the required information my account would be restricted and eventually cancelled (if I continued to refuse to provide the required information).
>
> The website looked very genuine.
>
> As I had used my PayPal password to answer the above questions I immediately accessed my PayPal account and changed the password.
> I am a very recent PayPal user (new account, less than 2 months old).
> I trust that keeps me out of trouble.

I believe I have seen exactly as what you said!  It was funny when I
tried it with a fake username, password etc... and it proceeded as one
has successfully logged in.  I got the impression no matter what you
type there, it will proceed as if you have successfully logged in.



Best regards,

--
WH Tan

2006\06\25@095555 by Matthew Miller

flavicon
face
On Sun, Jun 25, 2006 at 08:55:01PM +0800, WH Tan wrote:
>
> I believe I have seen exactly as what you said!  It was funny when I
> tried it with a fake username, password etc... and it proceeded as one
> has successfully logged in.  I got the impression no matter what you
> type there, it will proceed as if you have successfully logged in.

You're correct. When I have time on my hands and feel mischievous I like to
phish the phishers. I'll enter credit card numbers (generated by a program
so they pass checksumming), and bank account and routing numbers that look
real in the hope that the phishers will try to use the bogus info and then
draw attention to themselves. ;)

I don't know if it does any good, but it's a fun way to waste a bit of
time...

Matthew

--
"One of the saddest lessons of history is this: If we've been bamboozled
long enough, we tend to reject any evidence of the bamboozle. We're no
longer interested in finding out the truth. The bamboozle has captured
us. It is simply too painful to acknowledge -- even to ourselves -- that
we've been so credulous. (So the old bamboozles tend to persist as the
new bamboozles rise.)"
                     -- Carl Sagan, "The Fine Art of Baloney Detection,"
                                    Parade, February 1, 1987

2006\06\25@095924 by Xiaofan Chen

face picon face
On 6/25/06, WH Tan <whsiung.myspamKILLspamgmail.com> wrote:

> > The website looked very genuine.
> >
> > As I had used my PayPal password to answer the above questions I
> > immediately accessed my PayPal account and changed the password.
> > I am a very recent PayPal user (new account, less than 2 months old).
> > I trust that keeps me out of trouble.
>
> I believe I have seen exactly as what you said!  It was funny when I
> tried it with a fake username, password etc... and it proceeded as one
> has successfully logged in.  I got the impression no matter what you
> type there, it will proceed as if you have successfully logged in.
>
>

It seems that they fixed the problem. Now when you type in
"http://www.paypal.com" or "http://www.paypal.com/", they will
redirect you to "https://www.paypal.com" with the
padlock sign.

Is this a real breach of Paypal security?

2006\06\25@110217 by Dave Lag

picon face
I think they screwed up.
During the flawed period you could click on the login button at the top
right and get the correct https: but filling the form on the default
page sure looked insecure to me.
D

I like the spookstick pluging mentioned here

I exercise my creative side filling those in too,
"police will getyou" etc, where is that checksum algo?



Xiaofan Chen wrote:
{Quote hidden}

2006\06\25@112854 by John Chung

picon face
Matt,

Good idea! What program do you have to generate the cc
number. I want to attack back!

Thanks,
John

--- Matthew Miller <EraseMEnamiller2spam_OUTspamTakeThisOuTnaxs.net> wrote:

{Quote hidden}

> --

2006\06\25@113113 by Matthew Miller

flavicon
face
On Sun, Jun 25, 2006 at 11:02:50AM -0400, Dave Lag wrote:
>
> I exercise my creative side filling those in too,
> "police will getyou" etc, where is that checksum algo?

This web site offers a Python script that contains the algorithm:
http://www.darkcoding.net/projects/credit-card-generator/

I wonder if there is a similar thing for bank routing numbers? If
the data these phishers collect could be poisoned, then they might
be easier to catch.

Matthew

--
Thou shalt not follow the NULL pointer, for chaos and madness await thee
at its end.

2006\06\25@115102 by Matthew Miller

flavicon
face
On Sun, Jun 25, 2006 at 08:28:53AM -0700, John Chung wrote:
> Matt,
>
> Good idea! What program do you have to generate the cc
> number. I want to attack back!

This web site has the Python script that I use:

http://www.darkcoding.net/projects/credit-card-generator/

--
"I believe that a scientist looking at nonscientific problems is just as
dumb as the next guy."  -- Richard Feynman


'[OT]: Paypal scam !?'
2006\07\08@153026 by Martin Klingensmith
flavicon
face
IIRC, Internet Explorer always adds the for you, as if to say
"it's supposed to be there".
If you type in http://www.paypal.com and don't get the genuine paypal site, you
should probably be calling your ISP.
--
MK

WH Tan wrote:

{Quote hidden}


'[OT]: Paypal scam !?'
2006\08\17@143530 by James Newtons Massmind
face picon face
Please digg this:

digg.com/business_finance/Your_checks_How_the_ABA_Routing_Numbers_get
_the_money_where_it_needs_to_go has a ton of info about the bank routing
number and a little check sum script... It CHECKs the sum rather than
CALCulates the sum, but the reverse would not be hard to write...

The problem is keeping it from being used by the wrong people for the wrong
reasons as opposed to being used by the right people for the right reasons.

I'm working on an addition to that page to allow one to check more details
of a check. For example, after you enter the MICR line and the bank name and
location printed on the check face, the page will tell you if it matches and
if it does, give you the phone number to call to verify funds. If it does
NOT match, it will NOT give you the correct information; it will only tell
you that the check is suspect. So it can not be used to help MAKE a
fraudulent check, but only to help verify that one is not. If the bank info
for the routing number is not know (to my rather old database) it will say
so and add what you entered. Each entry has a confidence level that starts
low and increases with matches or decreases with mis-matches. Any comments
welcomed.

---
James Newton, massmind.org Knowledge Archiver
jamesspamspam_OUTmassmind.org 1-619-652-0593 fax:1-208-279-8767
http://www.massmind.org Saving what YOU know.



> {Original Message removed}

2006\08\17@145125 by David VanHorn

picon face
>
>
> >1st there is http instead of https, and secondly there is no padlock
> >on status bar.  Manaully enter https will direct me to a site which
> >seems a bit different from previous one... with the padlock.  My
> >fellow PIC lister, BEWARE!


>From here, i get https://www.paypal.com and the padlock.
Run spybot and ad-aware, and see what happens.

>By the way, I had seen lately quite a lot of e-mail in my inbox,
> >pretending Paypal with the security warning etc... It said I have to
> >log in to prevent my account from being blocked etc etc...  I believe
> >many had recieved such e-mail too.


I've tossed thousands.

2006\08\17@145429 by David VanHorn

picon face
>
>
> I'm working on an addition to that page to allow one to check more details
> of a check. For example, after you enter the MICR line and the bank name
> and
> location printed on the check face, the page will tell you if it matches
> and
> if it does, give you the phone number to call to verify funds. If it does
> NOT match, it will NOT give you the correct information; it will only tell
> you that the check is suspect. So it can not be used to help MAKE a
> fraudulent check, but only to help verify that one is not. If the bank
> info
> for the routing number is not know (to my rather old database) it will say
> so and add what you entered. Each entry has a confidence level that starts
> low and increases with matches or decreases with mis-matches. Any comments
> welcomed.


Several years ago i did something similar, using names, addresses, phone
numbers, cc#, DL# and anything else i could get, to give a probability of
match.
Lots of PHP/Mysql work.  In the end, you could submit queries using wget,
and get about 2000 responses/sec on a 400 mhz athlon.

redhat linux, mysql, apache, and php

2006\08\17@153616 by Tim

picon face
Never, ever log into your PayPal account by clicking on an email link.
Only log in by going to it directly in your browser. If something is
amiss in your account PayPal will tell you on the web site after you
log in.

Tim

More... (looser matching)
- Last day of these posts
- In 2006 , 2007 only
- Today
- New search...