RE: PayPal "security" measures

["McAllister, Andrew" <McAllisterA () umsystem edu>]

I followed up with Mr Rasmussen privately. I've been getting phishing
spam that looks to be from PayPal (nothing new there), but strangely
enough has NO visible attack vector. The phishing spam directs me to a
legitimate paypal page. I know it is a scam because, e-mail headers
indicate the mail has come from unknown hosts, and I've received
confirmation from PayPal that it is a scam.

I reported the "spoof" e-mail via this paypal link:
https://www.paypal.com/ewf/f=pps_spf. I got a response back about 24
hours later. 

I have no explanation for this legitimate looking but fraudulent e-mail
other than to suspect that phishers are laying groundwork for a
follow-up e-mail pointing to a phishing site instead of paypal.
Basically, getting victims accustomed to the look and feel of their
letter by pointing to paypal, then later sending them another
"identical" e-mail that points to the phishing site. 

Andy 

> -----Original Message-----
> From: Michael Rueve [mailto:rueve () regioconnect net] 
> Sent: Sunday, April 03, 2005 9:30 PM
> To: Jeremy Rasmussen; bugtraq
snip
> Has anyone here been able to contact this company and gotten
> any reasonable response (i.e. some real and competent person,
> not automated replies or replies that clearly tell you the
> person responding did not even read your request)?
snip