Full Disclosure mailing list archives
Paypal scam uses Korean school Web server
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Mon, 21 Apr 2003 08:40:12 -0400
Hi, Some criminal type has apparently broken into a Web server belonging to an elementary school in Korea and has set up a CGI script to collect people's credit card and bank account information. To get people to supply this private information, the scammer has been sending out the attached spam email message which gives the impression it is from the PayPal billing department. The CGI script is located at this URL: http://211.34.252.132/secure/PayPalSecurity The IP address 211.34.252.132 is owned by: Haengjoo Kim Hajang Elemantary School 76-1 Goangdong-Ri Hajang-Mayn Samchok-Si KANGWON +82-33-552-0034 kngreung () soback kornet net If someone on this list speaks Korean, can they please let the folks at Hajang Elementary School that there is a problem and that the scam needs to be shutdown ASAP. Richard M. Smith http://www.ComputerBytesMan.com Return-Path: <security () paypal com> Delivered-To: rms2000-computerbytesman:com-rms () computerbytesman com X-Envelope-To: rms () computerbytesman com Received: (qmail 84944 invoked from network); 19 Apr 2003 18:23:15 -0000 Received: from adsl-64-109-171-17.dsl.chcgil.ameritech.net (HELO linux8b.local.7188.us) (64.109.171.17) by siyazi.pair.com with SMTP; 19 Apr 2003 18:23:15 -0000 Received: from localhost (linux8b.local.7188.us [127.0.0.1]) by linux8b.local.7188.us (8.12.8/8.12.8) with SMTP id h3JIXIwD008939 for <rms () computerbytesman com>; Sat, 19 Apr 2003 13:33:25 -0500 Message-Id: <200304191833.h3JIXIwD008939 () linux8b local 7188 us> From: <security () paypal com> To: <rms () computerbytesman com> Subject: PayPal Security check Date: Sat, 19 Apr 2003 13:33:18 -0500 X-Mailer: sendEmail-1.40 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Dear valued PayPal member, It has come to our attention that your eBay Billing Information records are out of date. That requires you to update the Billing Information If you could please take 5-10 minutes out of your online experience and update your billing records, you will not run into any future problems with eBay's online service. However, failure to update your records will result in account termination. Please update your records in maximum 24 hours. Once you have updated your account records, your eBay session will not be interrupted and will continue as normal. Failure to update will result in cancellation of service, Terms of Service (TOS) violations or future billing problems. Please click here to update your billing records. Thank you for your time! Marry Kimmel, PayPal Billing Department team. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Paypal scam uses Korean school Web server Richard M. Smith (Apr 21)