Seibertron.com Energon Pub Forums

The following is a classic Paypal fishing-for-accounts scam. I received it at my address related to TFmaster.com. If anyone receives a paypal message like this DON'T respond. Report it to paypal at:

spoof@paypal.com

Here's the cheezer's email:

In response for your PayPal Inc. account security we have to report that your password may be is compromised. Your account is marked for too many successful logins last week It is more interesting that the hostnames are form different countries:

United States (c-67-160-224-80.client.comcast.net)
Canada (HSE-Toronto-ppp3044429.sympatico.ca)
Sweden (c213-100-93-27.swipnet.se)
Russia (32.122.140.213.telenet.ru)

Your account is limited for security reasons.

Follow the link to make sure you are on a secure PayPal Inc. page and login with currently password.
Please authorize your account information before November 5, 2005.

https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run

Thank you for using PayPal Inc.
PayPal Inc. Team

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal Inc. account and choose the "Help" link in the header of any page.

whoa.. Thanks for the heads up!

.billy

I got two of them on different accounts

There are a couple easy ways to indentify these...

1. Paypal; like eBay; will never ask for your account info; password change; or other such things in an e-mail. Instead; it would be posted on the main page of their website; or have a link on their main website page to a help fourm/information site; run by them.

2. The link addresses themselves. If it doesn't start with "https://rover.ebay.com/rover/1/711-53200-19255-0/1?siteid=0&pub=5574891718&campid=5336631220&customid=&toolid=10001&mkevt=1&mpre=http%3A%2F%2Fwww.ebay.com%2F%3F" or "http://www.paypal.com/"; IT IS NOT REAL!! If you notice in that e-mail that JAF got; the link says "https://"; that extra 's' in there makes all the difference... and that's how they catch people. Anyone can mimic eBay or Paypal; it's not hard; but they can't have the exact same address as them...

Hopefully that helps anyone in the future avoid such scams...

...And I got the e-mail as well. Fortunately; I haven't used my Paypal account yet; and I already knew better...

MetalSamamon!

Heh... I aint logged into m,ine in so long it aint even funny. Last time was to send Rocks_TFs the money for that OpOp and, past that... Well... I aint been back in ages... Heh.

MetalSamamon wrote:2. The link addresses themselves. If it doesn't start with "https://rover.ebay.com/rover/1/711-53200-19255-0/1?siteid=0&pub=5574891718&campid=5336631220&customid=&toolid=10001&mkevt=1&mpre=http%3A%2F%2Fwww.ebay.com%2F%3F" or "http://www.paypal.com/"; IT IS NOT REAL!! If you notice in that e-mail that JAF got; the link says "https://"; that extra 's' in there makes all the difference... and that's how they catch people. Anyone can mimic eBay or Paypal; it's not hard; but they can't have the exact same address as them...

Actually, it's the REAL address that'll have the https:// -- that means it's a secure page. The printed address in the message text can be entirely different from whatever it's actually hyperlinked to (you can hover your mouse over the link to see the real address in your e-mail client's status-bar or, at least, I can in Eudora).

Of course, the EASIEST way to distinguish JAF's e-mail from a real PayPal or eBay correspondence is the severely broken English.

LOL
Was it that bad?

Pepie wrote:LOL
Was it that bad?

Well, considering it's supposed to be from eBay and/or PayPal, which tends to have pretty good English.... yeah.

Dark_Lord_Prime wrote:

MetalSamamon wrote:2. The link addresses themselves. If it doesn't start with "https://rover.ebay.com/rover/1/711-53200-19255-0/1?siteid=0&pub=5574891718&campid=5336631220&customid=&toolid=10001&mkevt=1&mpre=http%3A%2F%2Fwww.ebay.com%2F%3F" or "http://www.paypal.com/"; IT IS NOT REAL!! If you notice in that e-mail that JAF got; the link says "https://"; that extra 's' in there makes all the difference... and that's how they catch people. Anyone can mimic eBay or Paypal; it's not hard; but they can't have the exact same address as them...

Actually, it's the REAL address that'll have the https:// -- that means it's a secure page. The printed address in the message text can be entirely different from whatever it's actually hyperlinked to (you can hover your mouse over the link to see the real address in your e-mail client's status-bar or, at least, I can in Eudora).

Of course, the EASIEST way to distinguish JAF's e-mail from a real PayPal or eBay correspondence is the severely broken English.

Hmm...that's interesting. Every time I reported an e-mail to eBay (which I did several times) they told me to watch out for that specifically. Also, they told me to watch for ones with cgi.ebay.com stuff and aw.confirm...

Oh well; I was only trying to help...

But you are correct about the broken English...you'd think that they would be able to better than that

L8r!

MetalSamamon wrote:Hmm...that's interesting. Every time I reported an e-mail to eBay (which I did several times) they told me to watch out for that specifically. Also, they told me to watch for ones with cgi.ebay.com stuff and aw.confirm...

It probably actually told you to watch out if it wasn't https://

If you go to ebay.com and click on "Sign in", the sign-in page is https://

Dark_Lord_Prime wrote:

MetalSamamon wrote:Hmm...that's interesting. Every time I reported an e-mail to eBay (which I did several times) they told me to watch out for that specifically. Also, they told me to watch for ones with cgi.ebay.com stuff and aw.confirm...

It probably actually told you to watch out if it wasn't https://

If you go to ebay.com and click on "Sign in", the sign-in page is https://

Perhaps...that was a couple of years ago when my dad and I were selling stuff together...

i got one of them mails and i don't even have a paypal account.