Simon’s Backup Weblog

Nasty new phishing attack going around…

Posted in Uncategorized by Simon Bisson on July 28, 2005

I’ve not seen this before, but as I got a couple today, I thought I’d better warn folk that there’s a nasty variant of the standard PayPal account phishing scams going around.

Instead of using the tired old method of pretending that some security breach has compromised your account details, and trying to get you to head off to the phisher’s web site to “reconfirm” your passwords (and for them to then use them to ransack your accounts), this one plays on that most primal of human natures: greed.

It’s quite a simple scam, really. You get a mail that looks like a standard PayPal payment receipt, indicating that someone has sent you a trivial amount (£12 or $12 seem to be the usual amounts), and that you should claim the money the usual way. Click on the link in the mail and you’re off to a reasonable facsimile of the PayPal site – but of course you’re at the phisher’s site, and he wants your username and password. There’s no money – it’s just bait.

If you’re not expecting a PayPal payment check any mail that claims to be a payment very carefully before clicking. What may appear to be to good to be true is probably going to cost you a lot more than that windfall of £12 you’ve been promised…

Oddly the latest fake name used by our not-so-friendly phisher appears to live at “Hacktor Way”. Only goes to show…


3 Responses to 'Nasty new phishing attack going around…'

Subscribe to comments with RSS or TrackBack to 'Nasty new phishing attack going around…'.

  1. tanais said,

    we got one tonight for £12. I taught ellie how to read raw email headers and she’s a dab hand at spotting even the good ones now.

    Only enter via a URL you keyed in via a browser window you opened…

    Its that simple

  2. bibliofile said,

    Thanks for the warning. It’s gotten so that I always forward email (with full header info) “from” eBay and Paypal to their spoof-reporting addresses (, I haven’t yet sent them any of their own email, but I suspect that’s only a matter of time.

  3. johannes_d said,

    I had a couple last week and the main reason it did not catch me was it came to an email account I don’t use for paypal. That set the alarm ringing and then I looked at the headers and html of the site and it became clear.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: