[TriLUG] OT: phishing on PayPal
Joseph Mack
mack.joseph at epa.gov
Mon Jan 10 15:07:49 EST 2005
I don't know whether phishing is news to people on this group, but this
is the first time it's happened to me.
I've been doing some travelling and accessing paypal from various different
IPs and wasn't terribly surprised to get e-mail from PayPal telling me that
they had noticed my change in behaviour and quoting the domains I was coming
from (which I didn't recognise) and wanted me to go to their site
and reconfirm my identity. I expected to need an exchange of e-mails to
my registered e-mail account. Instead when I clicked on the link labelled
www.paypal.com (or whatever) I got a webpage with an IP in the URL and
asking me to fill in my credit card details. Looking at the e-mail I see
the link displays the string for paypal, but the embedded link is to an IP.
I've e-mailed PayPal cc:'ing the mail, and asking how someone else might
know I've been travelling (they may not, and are just sending the same
e-mail to everyone), but have not heard back from them. I'm also wondering
how anyone knows I have a paypal account.
Joe
--
Joseph Mack PhD, High Performance Computing & Scientific Visualization
LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.johnb at epa.gov
More information about the TriLUG
mailing list