Phishing & BotNets
paypal phishing attempt Aug 07 2006 02:30PM
Colin Copley (colin intuware-s com) (2 replies)
Re: paypal phishing attempt Aug 07 2006 07:49PM
Paul Laudanski (paul castlecops com)
RE: paypal phishing attempt Aug 07 2006 07:35PM
eric ch13-12westtex org
I got two of these messages earlier today. I ran the IP addresses, of
course they could be spoofed, but they are located in Pennsylvania. I
doubt you will hear anything from the IP owner whether they are involved
or not. The abuse address doesn't really mean much.

-----Original Message-----
From: Colin Copley [mailto:colin (at) intuware-s (dot) com [email concealed]]
Sent: Monday, August 07, 2006 9:31 AM
To: phishing (at) securityfocus (dot) com [email concealed]
Subject: paypal phishing attempt

Hi List

I have just signed up so sorry if this has already been done to death.

I received an email from a spoofed paypal notifications (at) paypal (dot) com [email concealed]
address through a UUNET Server 63.78.188.195 which claimed that the
email address undergroundseller (at) yahoo (dot) com [email concealed] had been added to my paypal
account and to confirm this.

This is a security check paypal would actually do, although they
wouldn't link through

http://***.**.177.170:9999/www.paypal.com/addyouremail/webscrr/index.php

Have notified the abuse address of the IP owner, but who are the
relevant authorites to contact in case he doesn't care or is party to
the scam?

Anyone collecting / studying such emails I will fwd.

Many Thanks
Colin

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus