[ale] FW: Paypal account update spoof

Thomas Holmquist fishy at ipa.net
Wed Apr 23 02:45:05 EDT 2003


Hello Red Hat Network Subscriber,

This is an automatically generated mail from the Red Hat Network Alert
System. You are receiving this message because RHN has detected that
you have one or more inactive servers subscribed to your account.

RHN has flagged your inactive system profiles for deletion and will
remove these profiles from your account in the next 15 days unless
you act first.


15 days vs. 24 hours :P

ChangingLINKS.com wrote:

>Hey, I never said attention to detail was my strong suit ;)
>Besides, my only RedHat box got a message like that and DID get kicked off 
>RedHat Network because I failed to respond to some email or other. Guess I 
>gotta re-install.
>
>Drew
>
>
>
>On Wed April 23 2003 01:00, Thomas Holmquist wrote:
>  
>
>>failure to update your records will result in
>>account termination. Please update your records in maximum 24 hours."
>>
>>seems a bit obvious...
>>
>>ChangingLINKS.com wrote:
>>    
>>
>>>WHOOOOAAA!
>>>I actually got that email/website, and I was thinking "do I have a PayPal
>>>account?" (I used to ask 'close friends' to do that type of admin work for
>>>me).
>>>
>>>Then I thought, "They want all THAT information? I will let the account
>>>expire, and sign up again if I need it."
>>>
>>>I have gotten tons of spam,  and seen almost everything, but THIS scam was
>>>convincing. Perhaps if they had asked for less, they would have gotten my
>>>info.
>>>
>>>However, the "PayPal scam" is NOT the only scam you gotta worry about. You
>>>also have to worry about *the* PayPal scam. Just days before, I read the
>>>racket that PayPal is running *themselves*:
>>>
>>>See:
>>>www.paypalsucks.com
>>>openstuff.net/index.py/paypal
>>>www.nopaypal.com/contact.shtml
>>>
>>>Thanks Bob for letting me know that was a scam. It does look pretty
>>>convincing (except that they ask for so much). Hopefully, fewer people
>>>will get ripped off by "legal or illegal" PayPal crooks.
>>>
>>>Drew
>>>
>>>On Tue April 22 2003 23:43, Transam wrote:
>>>      
>>>
>>>>This is a fine example of Social Engineering that probably will be
>>>>quite successful.  Always be suspicious of similar types of requests
>>>>asking for your sensitive information, such as credit card, debit card,
>>>>and bank account numbers, and other personal information.
>>>>
>>>>--Bob
>>>>
>>>>----- Forwarded message from Bob Toxen <bob at verysecurelinux.com> -----
>>>>
>>>>-----Original Message-----
>>>>From: Jerry Becknell [mailto:gbecknell at FBI.GOV]
>>>>Sent: Friday, April 18, 2003 2:54 PM
>>>>To: INFRAGARD-ATLANTA at LISTSERV.CC.EMORY.EDU
>>>>Subject: [INFRAGARD-ATLANTA] FW: [Infragard-discussion] Warning: Paypal
>>>>account update spoof...
>>>>
>>>>The following information provided through InfraGard Atlanta:
>>>>infragard.atlanta at fbi.gov www.infragardatlanta.org
>>>>
>>>>-----Original Message-----
>>>>From: infragard-discussion-admin at listserv.infragard.org
>>>>[mailto:infragard-discussion-admin at listserv.infragard.org] On Behalf Of
>>>>Paul Zasada
>>>>Sent: Friday, April 18, 2003 11:43 AM
>>>>To: InfraGard_Discussion
>>>>Subject: [Infragard-discussion] Warning: Paypal account update spoof...
>>>>
>>>>Beware of an urgent email from security at Paypal.com to update your
>>>>account...
>>>>
>>>>"It has come to our attention that your eBay Billing Information records
>>>>are out of date.  That requires you to update the Billing Information. 
>>>>If you could please take 5-10 minutes out of your online experience and
>>>>update your billing records, you will not run into any future problems
>>>>with eBay's online service.  However, failure to update your records
>>>>will result in account termination.  Please update your records in
>>>>maximum 24 hours."
>>>>
>>>>
>>>>The link provides a web page that requests: username/password/email,
>>>>creditcard/CCV, bank account/ABA... whole 9 yards.  The presentation is
>>>>extremely convincing, with Paypal graphics deep-linked from official
>>>>Paypal servers and all links programmed to show the Paypal.com URL in
>>>>the browser status window on mouseover.
>>>>
>>>>The webpage requesting update of info is not an SHTTP page (ssl) and the
>>>>URL is a numerical IP to mask the identity, which goes to a bogus
>>>>"elemantary" school in Korea: http://211.34.252.132/
>>>>
>>>>
>>>>FBI Cybercrime Division confirms this is a new scam that is similar to
>>>>one which masqueraded as AOL and several other online service providers.
>>>> If you receive email that provides a link with a destination page
>>>>requesting personal information, you should be very suspicious. 
>>>>Generally, you should never give out personal information unless you go
>>>>to that service provider's site and physically log into your account
>>>>with your user-name and password.
>>>>
>>>>Please feel free to circulate this to anyone that can benefit.
>>>>
>>>>Paul Zasada
>>>>Communications Director
>>>>FBI InfraGard Connecticut
>>>>http://www.InfraGard-CT.org
>>>>_______________________________________________
>>>>Infragard-discussion mailing list
>>>>Infragard-discussion at listserv.infragard.org
>>>>http://listserv.infragard.org/mailman/listinfo/infragard-discussion
>>>>
>>>>*******
>>>>This message (including any attachments) contains confidential
>>>>information provided by InfraGard Atlanta, and is intended for a
>>>>specific InfraGard addressee.  This message is being distributed for
>>>>informational purposes only.  InfraGard assumes no responsibility and no
>>>>liability for the content of the message or liability for any
>>>>attachments sent.  If you are not the intended recipient, you should
>>>>delete this message immediately, and are hereby notified that any
>>>>disclosure, copying, or distribution of this message, or the taking of
>>>>any action based on it, is strictly prohibited. If you do not agree to
>>>>these terms and conditions, you are required to notify InfraGard Atlanta
>>>>immediately by email that you do not accept the InfraGard terms and
>>>>conditions.  InfraGard reserves the right to remove you from its
>>>>recipient list or take whatever steps it believes necessary or
>>>>appropriate to protect its legal rights.
>>>>InfraGard is an information sharing and analysis effort serving the
>>>>interests and combining the knowledge base of a wide range of members.
>>>>InfraGard is a cooperative undertaking between the U.S. Government (led
>>>>by the FBI and the NIPC) and an association of businesses, academic
>>>>institutions, state and local law enforcement agencies, and other
>>>>participants dedicated to increasing the security of United States'
>>>>critical infrastructures.
>>>>
>>>>********
>>>>If you no longer wish to receive InfraGard Atlanta member emails, send a
>>>>request via email to Jerry Becknell, InfraGard Atlanta Coordinator at
>>>>gbecknell at fbi.gov
>>>>
>>>>----- End forwarded message -----
>>>>_______________________________________________
>>>>Ale mailing list
>>>>Ale at ale.org
>>>>http://www.ale.org/mailman/listinfo/ale
>>>>        
>>>>
>>_______________________________________________
>>Ale mailing list
>>Ale at ale.org
>>http://www.ale.org/mailman/listinfo/ale
>>    
>>
>
>  
>


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list