Bugtraq mailing list archives
Re: PayPal "security" measures
From: sh0rtie <this.is () gmail com>
Date: Wed, 6 Apr 2005 19:18:55 +0100
DNS poisoning could very well be the reason ISC has details up on its site today and are running at yellow becuase of it http://isc.sans.org/ On Apr 4, 2005 5:29 PM, McAllister, Andrew <McAllisterA () umsystem edu> wrote:
I followed up with Mr Rasmussen privately. I've been getting phishing spam that looks to be from PayPal (nothing new there), but strangely enough has NO visible attack vector. The phishing spam directs me to a legitimate paypal page. I know it is a scam because, e-mail headers indicate the mail has come from unknown hosts, and I've received confirmation from PayPal that it is a scam. I reported the "spoof" e-mail via this paypal link: https://www.paypal.com/ewf/f=pps_spf. I got a response back about 24 hours later. I have no explanation for this legitimate looking but fraudulent e-mail other than to suspect that phishers are laying groundwork for a follow-up e-mail pointing to a phishing site instead of paypal. Basically, getting victims accustomed to the look and feel of their letter by pointing to paypal, then later sending them another "identical" e-mail that points to the phishing site. Andy-----Original Message----- From: Michael Rueve [mailto:rueve () regioconnect net] Sent: Sunday, April 03, 2005 9:30 PM To: Jeremy Rasmussen; bugtraqsnipHas anyone here been able to contact this company and gotten any reasonable response (i.e. some real and competent person, not automated replies or replies that clearly tell you the person responding did not even read your request)?snip
Current thread:
- RE: PayPal "security" measures McAllister, Andrew (Apr 04)
- Re: PayPal "security" measures sh0rtie (Apr 06)
- <Possible follow-ups>
- RE: PayPal "security" measures McAllister, Andrew (Apr 06)