So, Paypal, you guys, right?
I'm normally an awfully difficult mark when it comes to spoofs, phishing, and so on. On top of which, my e-mail is very good indeed at filtering out the spams and scams. But I'm having kind of a rough day and am therefore kind of distracted (example: I caught myself noting that I'd chewed off my lipstick and wondering how many calories that was likely to be), so when I came back to my desk and found an e-mail alerting me that my billing details had been changed, I thought, Huh, you know, I have indeed used the Paypal recently, and clicked on the link.
This was the e-mail:
Dear Account Holder,
Account Action: Account Limitation
Account Offense: Violation of Terms of Service section 4 - Account has been accessed by unauthorized IPs.
Details: An investigation of your Paypal account has found strong evidence that the account in question is being abused or hacked.
In accordance with Terms of Service section 4, Paragraph B a probationary suspension is pending on this account, awaiting confirmation from a specialist. A final warning has been issued. The investigation will be continued by the Account Administration team to determine the any further suspensions. Be aware that any additional inappropriate actions may result in the permanent closure of the account.
===================================
** We request that you verify your legitimate ownership of the account here.
===================================
Or contact PayPal Member Services Team. We're available 24 hours a day, 7 days a week.
Note: If you have recently updated your billing information, please disregard this message as we are processing the changes you have made.
Any disputes or questions concerning this account action can only be addressed by PayPal Administration. To learn more about how Account Administration is able to assist you, please visit us at Paypal Support.
Sincerely,
Jeff Stobe
PayPal Billing & Account Administration
http://www.paypal.com
PayPal Email ID PP5525223
That link there, where it says 'here', points to http://paypal.com.login-dispatch-run.2342118321461412.nasbo.net/ , which of course I only saw when I got there, at which point it invited me to log in -- and then presented me with a really well-spoofed profile update page asking for, among other things, my mother's maiden name and my social security number.
I am relieved to report that it was at this point that I thought, wait a minute ....
I did not, of course, fill in the blanks, preferring not to give the thing my mother's maiden name, social security number, mailing address, and credit card information. I also noted that the link up at the top right-hand corner of the page, which in a separate window when I went to Paypal by typing in the name my own self is called "Security Center", is in the spoofer spelled "Security Centre". Aha! That's one more instance of paying attention finally paying off. (I now note that that link, as well as the "Contact Us" link and in fact every link on the fake page, simply takes me back to the top of the "Profile Update" form.)
It was while the phone was ringing with the proper Paypal security people that I realized the e-mail had come to my agent dot reynard address, and not to my fullname address, which is the address associated with my blinkin' Paypal account. [eta: And that it is addressed to "Dear Account Holder" rather than to my name. D'oh.]
I forwarded the e-mail to spoofs at paypal dot com, as directed by the telephone, and will shortly be changing my password and security questions -- out of, as they say, an abundance of caution, since after all I did not give the bad guys any information. Close shave, though!
Heads up, y'all. I swear if they can come this close to getting me, they can come this close to getting you. :-P
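The link quoted in the e-mail puts paypal.com at the left-hand end of the hostname, while the part that decides who controls the host is at the right-hand end (nasbo.net). As an added example, not part of the original post, this Python check makes that comparison explicit; the names TRUSTED, host_of, belongs_to and classify are hypothetical.

```python
from urllib.parse import urlsplit

TRUSTED = "paypal.com"  # assumption: the domain the message claims to come from


def host_of(url):
    """Lower-cased hostname of a URL, without port or trailing dot."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it.

    The comparison is anchored at the right-hand end of the name and on a
    label boundary, because DNS delegation runs from right to left.
    """
    return host == domain or host.endswith("." + domain)


def classify(url, domain=TRUSTED):
    """Return 'trusted', 'lookalike' or 'unrelated' for a link."""
    host = host_of(url)
    if belongs_to(host, domain):
        return "trusted"
    # The trusted name is present, but only as left-hand labels or as a
    # substring of a host that sits under some other domain.
    brand = domain.split(".")[0]
    if host.startswith(domain + ".") or brand in host:
        return "lookalike"
    return "unrelated"


# Sample links: the first two appear in the post, the rest are constructed.
SAMPLES = [
    "http://www.paypal.com",
    "http://paypal.com.login-dispatch-run.2342118321461412.nasbo.net/",
    "https://WWW.PayPal.com./signin",
    "http://example.org/help",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{classify(url):10} {host_of(url)}")
```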