Jump to content

Warning - Paypal scam...

3FIDDYZ

By 3FIDDYZ
in Off Topic Discussion

 Share

Recommended Posts

3FIDDYZ Z Legend

3FIDDYZ

Posted
Posted

Just had this land in my inbox from services@security-paypal.com

 

Subject: You Account Access RXI0677

 

 

 

 

404 - Component not found

 

You may not be able to visit this page because of:

 

1.an out-of-date bookmark/favourite

2.a search engine that has an out-of-date listing for this site

3.a mistyped address

4.you have no access to this page

5.The requested resource was not found.

6.An error has occurred while processing your request.

 

Please try one of the following pages:

 

•Home Page (This contains a dodgy hyperlink)If difficulties persist, please contact the System Administrator of this site.

 

Component not found

Looks like the "Home Page" link contained some sort of .php script that could be some sort of spyware so if you do get an email then just delete it.

 

For those not savy with internet scams via email, just look at the email address, if its got something like @security-paypal.com and not @paypal.com then its a scam. Companys dont have other domain addresses outside of their own to deal with problems. Just delete without opening.

Link to comment
Share on other sites
Chris`I Z Supreme Being

Chris`I

Posted
Posted

Word of warning, looking at the email address is no sure way to be sure where it came from. While it is a good indicator (and I agree to delete anything like @security-paypal etc), its quite easily send an email looking like its from any email address you like, so dont assume that one from @paypal.com is legit. Paypal/eBay/your bank will never send emails to you asking you to click a link and give over information. They may ask you to login but wont supply the address so you have to type it yourself so you know its going to the website you want - in this case always use www.paypal.com

 

The best thing to do in these instances, where they tell you to click a link is goto the actual site (type it in yourself) as this will always be safe. Links and email addresses can be hidden within what looks like the link, but if you type the address yourself, you will goto the right place. If its that important they will leave you a message when you login to the legit site ;)

Link to comment
Share on other sites
s1xtyn1n3 Z Fanatic

s1xtyn1n3

Posted
Posted

The best way of detecting a dodgy url or email address is to look at the domain - this is the bit immediately after the "@" in email addresses and the bit immediately before the ".com", ".co.uk", bit (the top level domain for those in the know :))

 

The basic rule is that the domain is the one bit that indicates where the url goes or where the email has come from. Here are a few that are ok:

 

...@paypal.com

...@[something].paypal.com

 

Obviously the following are not:

 

...@paypal123.com

...@1paypal.com

...@pay-pal.com

 

Essentially, as long as the last bit is what you would expect, then this should generally be ok. However, there are a couple of things worth watching for. The following are not OK and should be treated with extreme caution:

 

...@[something]-paypal.com

...@[something]_paypal.com

etc.

 

Unless it's .paypal.com, you're likely to be looking at a phony email :)

 

One other thing to watch for is that it is techincally possible to "pretend" your email address has come from somewhere it hasn't. In this circumstance, the email might appear to ligitimately come from paypal or wherever, but if you look in the message header (which you might need to turn on in your email client or webmail settings), then you'll see that the real address is nothing like that in the "from" bit. Luckily people like gmail and hotmail watch for this and flag this as extremely dangerous so there's less chance for you to go wrong :)

 

If you are still unsure, don't click any links. If you need to log into check something, then type the address you would usually use yourself (as Chris says :)). Hopefully this helps, but the best way of avoiding trouble is to suspect everything and use your judgement :)

Link to comment
Share on other sites
Chris`I Z Supreme Being

Chris`I

Posted
Posted

All good info :thumbs:

 

Although I can still send emails from whoever I like with my own mail server so its very easy for it to appear to be from someone@paypal.com when its not. We used to do it at uni all the time, sending emails to people from lecturers :lol: Just be careful they dont hit reply as the reply will go to the named address - in this case the real lecturer! Good job he waas our fraud and security lecturer and he taught us how to do it :lol::blush: Best bet is to log on yourself without clicking any links to be sure to goto the right place :thumbs:

Link to comment
Share on other sites
s1xtyn1n3 Z Fanatic

s1xtyn1n3

Posted
Posted
All good info :thumbs:

 

Although I can still send emails from whoever I like with my own mail server so its very easy for it to appear to be from someone@paypal.com when its not. We used to do it at uni all the time, sending emails to people from lecturers :lol: Just be careful they dont hit reply as the reply will go to the named address - in this case the real lecturer! Good job he waas our fraud and security lecturer and he taught us how to do it :lol::blush: Best bet is to log on yourself without clicking any links to be sure to goto the right place :thumbs:

True, but while the "From" field will appear to be ok, you can't mask the server it came from and these are the ones that get flagged up or caught in spam filters - in hotmail they show a red banner for example. I agree though, you still need to be careful :thumbs:

Link to comment
Share on other sites
Chris`I Z Supreme Being

Chris`I

Posted
Posted
All good info :thumbs:

 

Although I can still send emails from whoever I like with my own mail server so its very easy for it to appear to be from someone@paypal.com when its not. We used to do it at uni all the time, sending emails to people from lecturers :lol: Just be careful they dont hit reply as the reply will go to the named address - in this case the real lecturer! Good job he waas our fraud and security lecturer and he taught us how to do it :lol::blush: Best bet is to log on yourself without clicking any links to be sure to goto the right place :thumbs:

True, but while the "From" field will appear to be ok, you can't mask the server it came from and these are the ones that get flagged up or caught in spam filters - in hotmail they show a red banner for example. I agree though, you still need to be careful :thumbs:

Yup, thats true. Didnt know hotmail flagged it if the email domin and server domain were different, just thought they'd stick in in Spam :thumbs:

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...