pay pal red alert
| Author | Topic: pay pal red alert |
|---|---|
|
Apprentice
Member # 5382
|
written Monday, February 28 2005 22:19
Profile
i just wanted everyone to know. that a co-worker of a friend of mine. just had his pay pal account compromised. he checks it all the the time and found a $100 draft that was going to come out out that he didn't approve. thankfully he found it before it hit his bank. he has the person's e-mail and is taking care of it. so if you use pay pal to do a lot of ordering online check your account often and keep an eye out for unauthorized transactions. -------------------- a true spiderweb software addict. currently registered: boe,boa,geneforge2,nethergate,homeland-stone of night. more to come.... Posts: 14 | Registered: Tuesday, January 11 2005 08:00 |
|
Shaper
Member # 5450
|
written Monday, February 28 2005 23:22
Profile
Homepage
Ok. Thank-you for the warning -------------------- I'll put a Spring in your step. Polaris Posts: 2396 | Registered: Saturday, January 29 2005 08:00 |
|
Law Bringer
Member # 2984
|
written Monday, February 28 2005 23:29
Profile
Homepage
That often happens after getting some crappy scam mail with a subject similar to "Your PayPal Account has been Suspended" or "Security Measures for your PayPal Account" and giving them your password by logging in on their site. -------------------- The Encyclopaedia Ermariana <-- Now a Wiki! "Polaris leers down from the black vault, winking hideously like an insane watching eye which strives to convey some strange message, yet recalls nothing save that it once had a message to convey." --- HP Lovecraft. "I single Aran out due to his nasty temperament, and his superior intellect." --- SupaNik Posts: 8752 | Registered: Wednesday, May 14 2003 07:00 |
|
Shaper
Member # 5450
|
written Monday, February 28 2005 23:34
Profile
Homepage
Yes, but an easy way to counter that (if you have hotmail or any service that shows you the size of the email) is that you look at it, and most of the time, PROPER emails from the site it claims to be, the size of the email is about 5kb. Virus's, spam emails etc. have the size as about 70kb. Do you understand me? Probably not, but I'll explain again if you don't. -------------------- I'll put a Spring in your step. Polaris Posts: 2396 | Registered: Saturday, January 29 2005 08:00 |
|
...b10010b...
Member # 869
|
written Monday, February 28 2005 23:46
Profile
Homepage
An even better way is to ask the appropriate organisation's customer service department (in this case, Paypal's) whether they've been sending out any such emails. 99.9% of the time, the answer is no. -------------------- My BoE Page Bandwagons are fun! Roots Hunted! Posts: 9973 | Registered: Saturday, March 30 2002 08:00 |
|
Law Bringer
Member # 2984
|
written Tuesday, March 1 2005 00:19
Profile
Homepage
quote:Nonsense. An email is larger than usual if it contains a virus. An email with no other purpose than so-called "phishing" does not commonly contain a virus. Recognizing the "fraud factor" in an email through its size is crap. I use the "Nigeria" instinct: Every mail concerning my PayPal account is fraud. To this day, I have not once received a genuine PayPal notification at any other times than when I made transactions. [ Tuesday, March 01, 2005 00:21: Message edited by: Daryl Mycroft [Arancaytar] ] -------------------- The Encyclopaedia Ermariana <-- Now a Wiki! "Polaris leers down from the black vault, winking hideously like an insane watching eye which strives to convey some strange message, yet recalls nothing save that it once had a message to convey." --- HP Lovecraft. "I single Aran out due to his nasty temperament, and his superior intellect." --- SupaNik Posts: 8752 | Registered: Wednesday, May 14 2003 07:00 |
|
Apprentice
Member # 5382
|
written Tuesday, March 1 2005 11:16
Profile
thanks i'll pass on the information. i have an account too. that's how i buy my games here. i panicked thinking i wouldn't be able to get "homeland" lol just kidding guys. anyways really thanks you made me feel a lot better. now i need to go check my account so i can order some more games. BIG UPDATE!!!! he never got an e-mail his account was hacked into.!!! [ Tuesday, March 01, 2005 12:08: Message edited by: clstem4ever ] -------------------- a true spiderweb software addict. currently registered: boe,boa,geneforge2,nethergate,homeland-stone of night. more to come.... Posts: 14 | Registered: Tuesday, January 11 2005 08:00 |
|
Law Bringer
Member # 335
|
written Tuesday, March 1 2005 13:02
Profile
Homepage
To avoid getting scammed, don't log into any account through a site reached via email. Go to the site in question and log in there. —Alorael, who has only rarely seen scams that don't immediately scream "SCAM!" at anyone paying attention. The clever ones fake an email address from the correct site, look official, and lack the ubiquitous typographical errors of the casual scammer. Posts: 14579 | Registered: Saturday, December 1 2001 08:00 |
|
Warrior
Member # 3610
|
written Tuesday, March 1 2005 13:15
Profile
Actually, if you look at the code for the url in the email, it is usually something like <http://www.somesite.com/random/extension/w/ierd/ltrs/$7r4Ng3-41ph4-nUm3r1c-C0D3@ipa.ddr.ess.com/extentions>. You are really on the website with the IP address of ipa.ddr.ess.com, not the one with the URL of http://www.somesite.com. The @ shows that everything coming before that is just a log-in name. Posts: 129 | Registered: Tuesday, October 28 2003 08:00 |
|
Apprentice
Member # 5512
|
written Tuesday, March 1 2005 15:44
Profile
you know... NO COMPANY IN THE WORLD IN THE TECH INDUSTRY WILL ASK FOR YOUR PASSWORD. at least, not any respectable company -------------------- Gir! What did you do with the Guidance chip? I took it out to make room for the CUPCAKE!!!!! Posts: 30 | Registered: Thursday, February 17 2005 08:00 |
|
Law Bringer
Member # 2984
|
written Tuesday, March 1 2005 15:55
Profile
Homepage
quote:That's the reason for my "Paranoia" reasoning. Just assume all mail concerning someone giving you money is fraudulent. You might miss a goodie, but in the long run, it saves time. Same about PayPal-related mails concerning anything except transaction confirmation. (A transaction you KNOW of, of course) [ Tuesday, March 01, 2005 15:56: Message edited by: Daryl Mycroft [Arancaytar] ] -------------------- The Encyclopaedia Ermariana <-- Now a Wiki! "Polaris leers down from the black vault, winking hideously like an insane watching eye which strives to convey some strange message, yet recalls nothing save that it once had a message to convey." --- HP Lovecraft. "I single Aran out due to his nasty temperament, and his superior intellect." --- SupaNik Posts: 8752 | Registered: Wednesday, May 14 2003 07:00 |
|
...b10010b...
Member # 869
|
written Tuesday, March 1 2005 16:42
Profile
Homepage
Frankly, I'd hardly call PayPal a respectable company. -------------------- My BoE Page Bandwagons are fun! Roots Hunted! Posts: 9973 | Registered: Saturday, March 30 2002 08:00 |
|
Warrior
Member # 5520
|
written Tuesday, March 1 2005 16:51
Profile
Thanks for a helpful thread. Just curiosity. How safe is it to send Credit Card information through e-mail? As an alternative paying method to the Spdierwebsoft. Posts: 53 | Registered: Saturday, February 19 2005 08:00 |
|
Law Bringer
Member # 335
|
written Tuesday, March 1 2005 17:17
Profile
Homepage
If you mean the online ordering, which isn't quite the same as email, it's probably as safe as the company backing it. As far as Spiderweb goes, I haven't heard of any problems at all. Sending your credit card information through email is as safe as the destination (in this case, safe), and the email service you use. As long as you do nothing really stupid, there should be no trouble with it. —Alorael, who recommends the online ordering as slightly easier to fill out, probably easier to read, and probably slightly more secure, although that shouldn't be a concern for either method. Posts: 14579 | Registered: Saturday, December 1 2001 08:00 |
|
...b10010b...
Member # 869
|
written Tuesday, March 1 2005 17:29
Profile
Homepage
Actually, sending credit card details by email is somewhat risky. Unless you encrypt your email, it's possible that your details could be intercepted. I've heard the security of email being compared to that of a conversation in a crowded restaurant -- chances are that nobody who overhears you will be interested in what you're saying, but there's always a risk. -------------------- My BoE Page Bandwagons are fun! Roots Hunted! Posts: 9973 | Registered: Saturday, March 30 2002 08:00 |
|
Apprentice
Member # 5382
|
written Tuesday, March 1 2005 21:35
Profile
like i said he never got an e-mail. his account was hacked directly throught the pay pal site. -------------------- a true spiderweb software addict. currently registered: boe,boa,geneforge2,nethergate,homeland-stone of night. more to come.... Posts: 14 | Registered: Tuesday, January 11 2005 08:00 |
|
...b10010b...
Member # 869
|
written Tuesday, March 1 2005 22:00
Profile
Homepage
We heard you the first time. The thread has gone off-topic. Move along. -------------------- My BoE Page Bandwagons are fun! Roots Hunted! Posts: 9973 | Registered: Saturday, March 30 2002 08:00 |
|
Warrior
Member # 4414
|
written Tuesday, March 1 2005 22:37
Profile
Homepage
You can often see some amusing things if you look at the source (as in, source code) of an email you suspect is a scam. When it comes to a lot of people, if they see a highlighted URL with an underline, they instantly assume that the link goes to THAT URL. Such as this: http://www.paypal.com However, something many people overlook is that links can go anywhere no matter what the text of the link actually says. Like this one: http://www.paypal.com I believe most browsers show you the URL of a link you put the mouse over, usually in the bottom left corner of your browser window. Most phishers rely on the fact that nobody looks at the URL displayed by your browser before actually clicking the link. You can also learn where a link actually goes by checking the source code, if your email provider allows this. This is the HTML for a link: <a href="http://www.spidweb.com">Spiderweb Software</a> Which would appear as: Spiderweb Software The part in the quotes after "a href=" is the URL that the link will send you to. The part after that, between > and </a>, is the text that will appear and be clickable as a link. Obviously, there's nothing stopping anyone from mislabeling a link! Such as.... <a href="http://www.spidweb.com">Hot Sexy Ladies in Swimwear!</a> Now, in this case, anyone clicking on Hot Sexy Ladies in Swimwear! would be sent to Spiderweb Software's home page and be profoundly disappointed. So, you see, it's THAT easy to misrepresent the target of a link. You can always avoid being tricked if you check the actual URL of the link you are clicking on. I once got a Paypal scam where the link SAID "www.paypal.com," but the URL it was coded to send me to was "faktap.faktap.org." Just a little explanation for anyone unfamiliar with HTML and links. :) This simple knowledge basically makes you immune to phishing scams. -------------------- AIM/Yahoo IM: Cavanoskus Scary artwork and Bad Poetry The Wildlife Research Team SnakeNetMetalRadio "We, who are about to die, salute you." Posts: 86 | Registered: Friday, May 21 2004 07:00 |
|
...b10010b...
Member # 869
|
written Tuesday, March 1 2005 22:50
Profile
Homepage
Some scams are even cleverer than that, though; they can actually change the URL in the browser's address bar so that it's different from the URL that is in fact being loaded by the browser. -------------------- My BoE Page Bandwagons are fun! Roots Hunted! Posts: 9973 | Registered: Saturday, March 30 2002 08:00 |
|
Law Bringer
Member # 2984
|
written Tuesday, March 1 2005 23:50
Profile
Homepage
When in unknown territory, I make it a point to right-click and copy URLs and paste them in the address bar. Spending nearly two years in the company of people who will occasionally try to mask a link to Goatse for kicks has taught me that. :rolleyes: -------------------- The Encyclopaedia Ermariana <-- Now a Wiki! "Polaris leers down from the black vault, winking hideously like an insane watching eye which strives to convey some strange message, yet recalls nothing save that it once had a message to convey." --- HP Lovecraft. "I single Aran out due to his nasty temperament, and his superior intellect." --- SupaNik Posts: 8752 | Registered: Wednesday, May 14 2003 07:00 |
|
Agent
Member # 1104
|
written Wednesday, March 2 2005 15:12
Profile
Homepage
http://www.paypal.com/ An example of IDN spoofing. Very simple but requires you to register a domain name with those characters. Later browser versions are protected from this. I believe paypal now has control over this domain. Oh yeah, and right clicking and copying the link into the address bar will do absolutely nothing as you will still end up exactly where you would have been if you had actually clicked on the link (in reference to the above link). [ Wednesday, March 02, 2005 15:17: Message edited by: RC ] -------------------- Austrian Alex - Reality Corp. Posts: 1307 | Registered: Tuesday, May 7 2002 07:00 |
|
Law Bringer
Member # 2984
|
written Wednesday, March 2 2005 15:33
Profile
Homepage
It's something about the first a, right? When I set it to a different font, that a won't display correctly... -------------------- The Encyclopaedia Ermariana <-- Now a Wiki! "Polaris leers down from the black vault, winking hideously like an insane watching eye which strives to convey some strange message, yet recalls nothing save that it once had a message to convey." --- HP Lovecraft. "I single Aran out due to his nasty temperament, and his superior intellect." --- SupaNik Posts: 8752 | Registered: Wednesday, May 14 2003 07:00 |
|
Agent
Member # 1104
|
written Wednesday, March 2 2005 17:21
Profile
Homepage
Yes, that 'a' is the equivilent of an ASCII 'a', or at least I think it's ASCII. <a href="http://www.pаypal.com/" target="_blank">http://www.paypal.com/</a>[ Wednesday, March 02, 2005 17:22: Message edited by: RC ] -------------------- Austrian Alex - Reality Corp. Posts: 1307 | Registered: Tuesday, May 7 2002 07:00 |
|
Warrior
Member # 4414
|
written Friday, March 4 2005 12:29
Profile
Homepage
So, I guess it's always a good idea to look at the source code whenever possible? -------------------- AIM/Yahoo IM: Cavanoskus Scary artwork and Bad Poetry The Wildlife Research Team SnakeNetMetalRadio "We, who are about to die, salute you." Posts: 86 | Registered: Friday, May 21 2004 07:00 |
