vsbabu.org

Identity stealing scams via e-mail

There is a recent surge in sending spam that looks "official", with a from-address that looks like the mail is from a reputed company. Remember, it is pretty easy to fake a from-email address. Typically, these e-mails tell you that:

• your account had some issues
• new policies and procedures need your authorization
• participate in some customer satisfaction survey
• great deal, if you register now

Michael J. Radwin got something like this recently. These mails will have a link that looks official too! See the example below.

http://www.paypal.com:secure-verifyaccount968ktz642@p9.da.ru/

However, this site is not paypal.com, but some site in Russia. When you go to that site, they have replicated PayPal’s interface exactly like the official one. It is very easy to get fooled by this. If you fill out the form, the data is captured by the scammer before sending you to the real PayPal site.

There are news reports about such scams rising in Australia. Lot of people have been fooled into giving out their on-line banking details.

How can you be better prepared?

• If you maintain an account online (bank, merchant etc.), bookmark a link to the login page, that you trust. Whenever someone asks you for personal information, verify if the location in the top bar of the browser displays the site as the one you trust.
• If your account is with paypal.com, make sure the URL in the location bar has paypal.com as the ending part before the first /, after the http://. The following are examples of scams:
  - http://whatever.paypal.us/
  - http://paypal.customerservice.com/
  - http://security.paypal.info/
  Similarly, for other institutions like banks, Amazon.com etc.
• It is much better to be very cautious whenever you fill in a form on-line. Majority of these scams seem to come from African countries, Eastern Europe, China and Russia. Exploring legal options overseas might be a tough problem.

1. Well, I got one from PayPal too! This one posts to http://www.paypal.com@pipetc.port5.com/

   Asks for Full Name, Credit Card details and ATM PIN - apparently for Bank verification.

   Posted by: Babu on May 21, 2003 06:48 PM

2. Hey
   I got one from Visa not long ago. Though I dont own a credit card. I was asked to fill out details including my credit card number in the mail. I tried to verify the authenticity by replying back. But then the mail could not be delivered. I guess Visa card holders better be careful
   

   Posted by: divya on May 28, 2003 03:40 AM

3. This is not really a comment. i just need help on getting back my money or the product that i bought 6 months ago from starkickz.com. If you guys know of any organisations that help in these situations please e-mail me and let me know about them. Thank you.

   Posted by: Mark Harris on August 18, 2003 02:00 PM

4. One very good rule of thumb: NEVER submit personal information of any sort to a form unless *YOU* yourself initiated the contact. If you get an email or a telephone call from some organization requesting action, type in the URL by yourself, by hand, to a known site, or request a phone number and contact the organization *yourself*. This foils *most* social engineering scams such as the one mentioned here.

   Posted by: drefty mcphooter on August 24, 2003 01:10 PM

5. I've only seen one of these. And that was to go and enter my AOL details to update my account. Nice try! (I don't use AOL any more, btw). The address was onIinesecurity@aol.com - the I looking like an l, to fool people.

   Posted by: lix on September 16, 2003 02:38 PM

6. You can find it at ikwebs > software > cyber cafe

   Posted by: adams on October 25, 2003 02:49 PM