Security's Everyman

Security's Everyman

Tuesday, November 21, 2006

The right bait

I often get phishing emails. They don't bother me because I'm aware of them and I'm very careful before clicking on links. Every now and then I get one that catches my attention and I check into it a little further before declaring it as phish. This morning I got one that made my heart beat a little faster and made me quickly check my paypal account. Below is the text of the email.

You have added restenterprises@yahoo.com as a new email address for
your PayPal account.

If you did not authorize this change or if you need assistance
with your account, please contact PayPal customer service at:

https://www.paypal.com/us/cgi-bin/webscr=_email-login

Thank you for using PayPal!
The PayPal Team


Please do not reply to this e-mail. Mail sent to this address cannot
be answered. For assistance, log in to your PayPal account and choose
the "Help" link in the header of any page.

-----------------------------------------------------------------
                     PROTECT YOUR PASSWORD

NEVER give your password to anyone and ONLY log in at
https://www.paypal.com/. Protect yourself against fraudulent websites
by opening a new web browser (e.g. Internet Explorer or Netscape)
and typing in the PayPal URL every time you log in to your account.

-----------------------------------------------------------------


PayPal Email ID PP0018

HHIKCSLWEFSWXIRMDXOCHIDSSJDZBRRBYLDHYC

What really scared me about this is that it came to the email account that I have registered with paypal. Most of the phishing emails I get don't come to the address that I have registered with the site in question or if it is the email is so obviously fake that I know it right away. It did't take too much investigation to discover that the link is redirected to somewhere in the Asia/Pacific rim but it still gave a little jump to my blood pressure. I can't imagine what I would have done if I was the typical uninformed user. I hate to think that I would have just opened up my paypal account to joe hacker. Even after confirming that it was a phish I still logged in to paypal to make sure. I still had a sinking feeling that I had been compromised. I need to go take a shower. This makes me feel violated.

4 comments:

SamVR said...

Hey Andy - nice blog! Probably not such a great idea to have those links live in your site. Not just to protect the ignorant, but also to keep yourself out of PayPal's crosshairs...

Just a thought!

Andy, ITGuy said...

Thanks Sam. I didn't even think about the links being live when I copied them to the blog.

pizl said...

Thanks for your post! I got that same email and it looked almost legit. This blog came up when I googled restenterprises@yahoo.com and confirmed that it was a scam. Thanks again!

Andy, ITGuy said...

Thanks for reading. I'm taking a little "work induced" break at the moment but will pick back up in a weed or two. Keep checking and reading.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NC-SA 3.0.