|
 |
|
|
|
|
| Fraud Name: |
PayPal.httpsLink |
| Date Discovered: |
February 6, 2004 |
| Type of Threat: |
Phishing |
| Description: |
This email appears to come from PayPal and informs you that they
are upgrading their server to install better protection software.
The email requests you to click on the link provided in the email
to fill in a registration form and renew your account. Clicking
on 'click here' opens a blank browser window and pops up a Security
Alert. The URL on the blank page starts with "https" (instead
of http), to indicate you are at a trusted site. The popup informs
you that information exchanged with the site cannot be viewed or
changed by others and lets you know that the company has been issued
a security certificate. You are also warned the certificate has
been issued by a company that you have not chosen to trust and the
name on the security certificate is invalid or does not match the
name on the site. If you click "Yes", indicating that
you want to proceed, you are taken to a window asking for personal
and account information, including your credit card number and CVV
code, your social security number, your ATM PIN, your mother's maiden
name, and your date of birth. The page also includes security questions,
a security test, a user agreement and privacy policy in an attempt
to make the site look legitimate. Filling in the information requested
and clicking on "Submit" takes you to a screen which claims
that the information you submitted will be verified by the PayPal
Accounts Management Department in 24 hours. |
| Recommended Action: |
Do not respond or follow links in the email. Report this and other
suspicious emails to MailFrontier using the "Report Fraud"
menu item in Matador or by forwarding the email to fraud@mailfrontier.com.
Practice safe logins: don't login to update account information
using a link sent via email. Instead, login to accounts directly
from your browser with the links you normally use to update account
information. |
| |
|
From:
|
PayPal (verification@paypal.com) |
| Subject Line: |
Verify your identity |
| Screenshot of Fraudulent
Email: |
| Screenshot of Fraudulent
Popup: |
| Screenshot of Fraudulent
Site: |
| Screenshot of Fraudulent
Popup: |
Copyright (c) 2004 by MailFrontier, Inc.
Permission to redistribute this alert electronically is granted as long
as it is not edited in any way unless authorized by MailFrontier Email
Security Team. Reprinting the whole or part of this alert in any medium
other than electronically requires permission from EmailThreatAlert@MailFrontier.com
Disclaimer
The information in this advisory is believed to be accurate at the time
of publishing based on information then currently available to MailFrontier's
Email Security Team; however, MailFrontier does not warrant the accuracy
or completeness of the information contained in any advisory.
|
