RE: Would you trust these Emails (EBAY & PAYPAL)

["Remko Lodder" <remko () elvandar org>]

I Would never trust such emails from EBAY and PAYPAL (and others)
Especially when i know that i don't requested anything at all.
And indeed, investigating the origin of the Emails are far beyond
than the ones propably used by EBAY and PAYPAL, I
am pretty sure they would not send email out via a .edu and via a
host in Shanghai.

Cheers :)

--

Kind regards,

Remko Lodder
Elvandar.org/DSINet.org
www.mostly-harmless.nl Dutch community for helping newcomers on the
hackerscene

-----Oorspronkelijk bericht-----
Van: full-disclosure-bounces () lists elvandar org
[mailto:full-disclosure-bounces () lists elvandar org]Namens Harald Dumdey
Verzonden: zaterdag 21 februari 2004 11:55
Aan: full-disclosure () lists netsys com; harald.dumdey () nexgo de
Onderwerp: [Full-Disclosure] Would you trust these Emails (EBAY &
PAYPAL)


Hi,

i've received these two emails, and i dont know why....

What do you think about this?

regards,

Harald Dumdey

---------------------------------------------------------

The EBAY-Mail was sent by in-187-185.dhcp-149-166.iupui.edu

WHOIS-Output

   Search results for: 149.166.187.185


OrgName:    Indiana University-Purdue University at Indianapolis
OrgID:      IUUAI
Address:    University Information Technology Services
Address:    ET 012
Address:    799 West Michigan Street
City:       Indianapolis
StateProv:  IN
PostalCode: 46202
Country:    US

NetRange:   149.166.0.0 - 149.166.255.255
CIDR:       149.166.0.0/16
NetName:    IUPUI-NET2
NetHandle:  NET-149-166-0-0-1
Parent:     NET-149-0-0-0-0
NetType:    Direct Assignment
NameServer: DNS1.IU.EDU
NameServer: DNS2.IU.EDU
Comment:
RegDate:    1991-05-06
Updated:    2003-12-22

TechHandle: ON6-ORG-ARIN
TechName:   INDIANA UNIVERSITY COMPUTING SERVICES
TechPhone:  +1-317-274-7788
TechEmail:  oitnoc () iupui edu

OrgTechHandle: DBE43-ARIN
OrgTechName:   Beals, Damon
OrgTechPhone:  +1-317-274-7946
OrgTechEmail:  dbeals () iupui edu

OrgTechHandle: DNSAD60-ARIN
OrgTechName:   DNS Administrator
OrgTechPhone:  +1-317-274-0707
OrgTechEmail:  dns-admin () iupui edu

# ARIN WHOIS database, last updated 2004-02-20 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.



The PAYPAL-Email shows a link to 210.78.22.113

WHOIS-Output

% [whois.apnic.net node-1]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

inetnum:      210.78.22.64 - 210.78.22.128
netname:      SHJITONG-CN
descr:        JiTong Shanghai Communications Co.,Ltd
country:      CN
admin-c:      ZQ15-AP
tech-c:       ZQ15-AP
mnt-by:       MAINT-CHINAGBN-AP
changed:      kevin () gb com cn 19990826
status:          ASSIGNED NON-PORTABLE
source:       APNIC
changed:      hm-changed () apnic net  20020827

person:       Zhongbao Qian
address:      Room 1001,Lekai Builing,Shangcheng Road,
address:      Pudong Xin district,Shanghai
country:      CN
phone:        +86-021-58313170
fax-no:       +86-021-58312630
nic-hdl:      ZQ15-AP
mnt-by:       MAINT-CHINAGBN-AP
changed:      kevin () gb com cn 19990826
source:       APNIC

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html