studiot Posted June 30, 2017

Received this Email, this evening

> Dear Customer,
>
> Your PayPal account has been limited because we've noticed significant changes in your account activity. As your payment processor, we need to understand these changes better.
>
> This account limitation will affect your ability to:
> - Send or receive money
> - Withdraw money
>
> Also, you won't be able to:
> - Remove any bank accounts
> - Remove credit cards
> - Close your account
>
> What to do next
>
> Please log in to your PayPal account and provide the requested information through the Resolution Center. If we don't receive the information before this deadline or we notice additional significant changes in your account activity, your account access may be further limited.
>
> Login here {code removed by studiot}
>
> Thank you for your understanding and cooperation.
>
> Sincerely, PayPal
>
> -------------------------------------------------------------------------
> This Is An Automatically Generated Email, Please Do Not Reply
> You Are Receiving This Email Because You Are A Registered Member Of PayPal
> Read Our Privacy Policy,Security and Protection If You Have Any Questions
> Copyright © 1999-2017 PayPal All Rights Reserved.

Please be aware of this scam as it is highly realistic. Except for the fact that PP have never had the particular email address they sent it to.

koti Posted June 30, 2017 (edited)

Click the link and see where it takes you without entering your username and password of course. Then report that domain to PayPal fraud report. That's what I always do to let PayPal know who is trying to screw with their clients.

BTW this is not a virus, it's a classic example of "phishing" https://en.m.wikipedia.org/wiki/Phishing

Edited June 30, 2017 by koti

StringJunky Posted June 30, 2017

> Received this Email, this evening
>
> Please be aware of this scam as it is highly realistic. Except for the fact that PP have never had the particular email address they sent it to.

Rule 1: Never login to an important account through an email link, always use a proper link.

Sensei Posted July 1, 2017 (edited)

> Click the link in e-mail (....)

NEVER EVER click any such link!!! That's rule 1.

First, URLs have appended personalized suffixes. Each e-mail has a different suffix, with a code unique to that e-mail. So they (whoever they are, spammers or hackers) will know that somebody with that e-mail clicked it. Which means they will confirm their e-mail arrived, and the e-mail address is active and verified, and could be sold to ad-spammers.

Second, clicking reveals which browser is used, with what operating system, IP address, and other details. Which means they will be able to make a more personalized attack using vulnerabilities of the particular OS or web browser. After scanning ports they will learn what things you're hosting (services/daemons), what ports are open and listening.

Third, the page can contain viruses that will intercept your system immediately. There are OSes which have broken handling of, e.g., images, and an artificially made image file can contain code allowing intrusion.

Edited July 1, 2017 by Sensei

koti Posted July 1, 2017

> NEVER EVER click any such link!!! That's rule 1.
>
> First, URLs have appended personalized suffixes. Each e-mail has a different suffix, with a code unique to that e-mail. So they (whoever they are, spammers or hackers) will know that somebody with that e-mail clicked it. Which means they will confirm their e-mail arrived, and the e-mail address is active and verified, and could be sold to ad-spammers.
>
> Second, clicking reveals which browser is used, with what operating system, IP address, and other details. Which means they will be able to make a more personalized attack using vulnerabilities of the particular OS or browser. After scanning ports they will learn what things you're hosting (services/daemons), what ports are open and listening.
>
> Third, the page can contain viruses that will intercept your system immediately. There are OSes which have broken handling of, e.g., images, and an artificially made image file can contain code allowing intrusion.

I wasn't clear. Right click and copy the link to send it to PayPal.

studiot Posted July 1, 2017 Author

This thread was meant as a warning. Even the most competent can be caught out.

Yes you can do some of these things if you feel competent, but there is code associated with the link in some cases and as Sensei +1 points out simply arriving at the link address from your own IP is useful information to a hacker.

If you feel competent and want to investigate, you would be safer taking the address to a public net service, they are free in the EU and UK, and protected by a reset protocol such as Deep Freeze.

We should all work together to combat those who subvert innocent folks.

Mike Smith Cosmos Posted July 1, 2017 (edited)

> This thread was meant as a warning. Even the most competent can be caught out.
>
> Yes you can do some of these things if you feel competent, but there is code associated with the link in some cases and as Sensei +1 points out simply arriving at the link address from your own IP is useful information to a hacker.
>
> If you feel competent and want to investigate, you would be safer taking the address to a public net service, they are free in the EU and UK, and protected by a reset protocol such as Deep Freeze.
>
> We should all work together to combat those who subvert innocent folks.

Strikes me .. The Internet is Not a Safe Place to be, anymore, Unless you are a computer wiz kid? Or the major providers MAKE IT A SAFE PLACE TO BE .... and tell us when they have done in, only by world wide media coverage.

Mike

PS Perhaps someone should warn the world that PAYPAL may be contaminated, or a dangerous place to operate with your money (at the moment)? I do not think it can be me, or I will end up in concrete Wellington Boots!

Edited July 1, 2017 by Mike Smith Cosmos

Sensei Posted July 1, 2017 (edited)

> Strikes me .. The Internet is Not a Safe Place to be, anymore,

Before Internet, viruses were spreading via diskettes.. There were boot viruses intercepting the boot sector. Once you put such a diskette in the drive, the virus was intercepting the computer, and infecting all the files.

There were/are viruses attaching to files. Their code is executed prior to the real executable file code (loader). So one such file on disk, and you have the virus back again. It scans all the executable files, and modifies them to add virus code at the beginning.

There are viruses encoding files.

> Unless you are a computer wiz kid?

Do you want to remain in XX century, or want to enjoy XXI century..? It is never too late (age) to buy a C/C++ book, download free Visual Studio Community/Express, and jump to a bit higher level of knowledge. Aren't you retired? You have plenty of free time to learn new things. It's just up to you.

> Or the major providers MAKE IT A SAFE PLACE TO BE

They cannot know which file, hosted on some server, or sent by e-mail as an attachment, from your true friend (a virus after infecting a computer is searching for the e-mail address book), contains some kind of virus in an executable.

Edited July 1, 2017 by Sensei

Mike Smith Cosmos Posted July 1, 2017 (edited)

> Before Internet, viruses were spreading via diskettes..
>
> Do you want to remain in XX century, or want to enjoy XXI century..?

One of my daughters runs her entire life by PayPal and other electronic trading sites. Private life and Business life. I need to get hold of her to warn her.

Mike

Edited July 1, 2017 by Mike Smith Cosmos

studiot Posted July 1, 2017 Author (edited)

> One of my daughters runs her entire life by PayPal and other electronic trading sites. Private life and Business life. I need to get hold of her to warn her.
>
> Mike

That was the purpose of this thread - Spreading the Good News.

Malicious code needs to spread to be worthwhile to its originators. We can all collectively fight this by broadcasting the antidotes.

Edited July 1, 2017 by studiot

Sensei Posted July 1, 2017 (edited)

> One of my daughters runs her entire life by PayPal and other electronic trading sites. Private life and Business life. I need to get hold of her to warn her.

Studiot incorrectly titled the thread "PayPal virus". He should call it a virus pretending to be a legit PayPal e-mail.

It does not have to be "PayPal" at all. It can be any widely used service, e.g. pretending it's mail from a bank, or other financial institution, or government. It could be pretending to be YouTube, Google+, Facebook, Twitter, Vimeo, and so on, so on, the next time..

The virus creator takes a message normally sent to a user, to notify about some event, just to force him/her to click the link in the post.

Edited July 1, 2017 by Sensei

Mike Smith Cosmos Posted July 1, 2017

> That was the purpose of this thread - Spreading the Good News.
>
> Malicious code needs to spread to be worthwhile to its originators. We can all collectively fight this by broadcasting the antidotes.

So what exactly do we as ordinary members of the public need to DO or WATCH OUT FOR?

Mike

koti Posted July 1, 2017

> So what exactly do we as ordinary members of the public need to DO or WATCH OUT FOR?
>
> Mike

Get somebody who knows their stuff to help you keep your devices safe.

Lord Antares Posted July 4, 2017

> One of my daughters runs her entire life by PayPal and other electronic trading sites. Private life and Business life. I need to get hold of her to warn her.
>
> Mike

Sensei is right. You don't have to warn her of anything other than not clicking on spam e-mails. This has nothing to do with PayPal. It does not mean that PayPal is unsafe (and it really isn't unsafe). It's simply a site pretending to be PayPal. It's like if I dressed as a police officer and scammed someone out of some money. It does not mean that the police are corrupted, since I wasn't the police in the first place, right?

I fell for something like this a few years back when I was playing Dota 2. Basically, what you need to know is that there are some cosmetic items in the game which can be traded for other items with players on a place called Steam Community, which is a part of the massively popular website "Steam" (basically of comparable repute as PayPal). I was going to trade some items with a person who sent me a link to his Steam Community profile. Only, it wasn't really a Steam Community page, it was a similar domain made to look EXACTLY like the Steam Community page. Basically, it had something like "steamconmunity" in the address bar, instead of "steamcommunity". If you don't spot a detail like that, you might get fooled into thinking it is the legitimate page. So when I typed my username and password in the corresponding places, I wasn't actually logging in anywhere, I was sending that information to the person who made the fake page. Thus, he logged in with my account and transferred all of my items to his account.

Similarly, clicking on that "paypal" mail would, I assume, lead you to a site login which looks exactly like the one on the PayPal page and upon typing your information, it would be sent to the person who sent you the mail, instead of logging in anywhere. That's what phishing is.

It has nothing to do with the level of safety of either PayPal or Steam or any other site. It's a site made to look like other sites.

dimreepr Posted July 4, 2017

It's not always a one way street:

http://www.iflscience.com/technology/programmer-uses-his-tech-skills-to-get-hilarious-revenge-on-phone-scammers/

This made me laugh...

StringJunky Posted July 4, 2017 (edited)

> So what exactly do we as ordinary members of the public need to DO or WATCH OUT FOR?
>
> Mike

1. Don't click on a link to a banking site etc in an email.
2. Put important links in your address bar that you know are good and use them every time.
3. Check that the web address of important and sensitive sites starts with 'https' not 'http', e.g. 'https://www.americanexpress.com/login'. This is the secure version of the address.
4. Use HTTPS Everywhere which forces the browser to look for and use the secure version of a website. This can help against getting sent to spoofed websites that make phishing attempts.

I use a separate browser (Firefox) from my casual browsing (Chrome) that is set to remember nothing with all the important links in the bookmarks bar but Firefox does not remember passwords, it is disabled. It has HTTPS Everywhere and Adguard adblocker. Opera is probably better as your 'financial' browser because you can enable VPN in the settings which adds another layer of encryption. I would certainly use it if I was out and about using public wifi.

Edited July 4, 2017 by StringJunky
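
The "steamconmunity" near miss from Lord Antares's post and points 1 to 3 of the list above, as an added example that is not part of the original thread: a Python check that classifies a copied link by its host name without fetching it. The trusted list, the function names, the sample links and the two-label shortcut for the registered domain are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist: the domains this user really has accounts with.
TRUSTED = ("paypal.com", "steamcommunity.com", "americanexpress.com")

def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def check_link(url, trusted=TRUSTED, max_distance=2):
    """Classify a copied link by host name only; nothing is fetched."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return ("suspicious", "no host name in link")
    for good in trusted:
        if host == good or host.endswith("." + good):
            if parts.scheme != "https":
                return ("suspicious", f"{good} reached over {parts.scheme}, not https")
            return ("trusted", good)
    # Simplification: treat the last two labels as the registered domain.
    registered = ".".join(host.split(".")[-2:])
    for good in trusted:
        if edit_distance(registered, good) <= max_distance:
            return ("lookalike", f"{registered} is a near miss for {good}")
        brand = good.split(".")[0]
        if brand in host:
            return ("lookalike", f"'{brand}' appears inside unrelated host {host}")
    return ("unknown", host)

# Constructed sample links; example.net and example.org are reserved domains.
SAMPLES = [
    "https://www.paypal.com/signin",
    "http://www.paypal.com/signin",
    "https://steamconmunity.com/id/trader",
    "https://paypal.com.account-review.example.net/login?id=abc123",
    "https://example.org/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(check_link(link), link)
```

A "trusted" verdict only says the host name matches the list over https; an "unknown" verdict says nothing either way.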

studiot Posted July 4, 2017 Author

First class summary list, StringJunky, including some things I had not heard of.

Thank you +1