Friday, January 07, 2005

Warning - Beware Wolves In Sheep's Clothing

A few times recently I've received emails from PayPal and eBay asking me to update my account information for their billing department. They even provide handy links to do so, just click right here...


They look authentic. They have the right colours, graphics, very professional wording, real-looking return addresses...


STOP! They lie. They are nothing but attempts to get your personal information at best, and financial information at worst. Never click a link in these unsolicited emails.


If you are ever required to update your information, PayPal or eBay will email asking you to log in as you normally do; they will not provide links of convenience. Even if they should be so foolish as to do so, avoid the temptation and do it manually anyway. And never give your password to anyone for any reason except at the normal login page.


If you do give information to a suspect website, change your password immediately and report the transgression to the real website ASAP. Protect yourself.


I recently reported an issue to PayPal and here is their response:


Dear William Dullemond,

Thank you for writing to PayPal regarding the email message you received
that appeared to be from eBay.

As you may have already suspected, this email was not sent by eBay.
These emails, commonly referred to as spoofs, are sent by fraudulent
sources posing as eBay in an attempt to collect sensitive financial
information or passwords.

Please know that PayPal and eBay are committed to the security of our
sites and our members. We review every report we receive and forward all
vital information on to the appropriate authorities for further action
and tracking. We work actively and aggressively in partnership with many
agencies, ISPs and law enforcement groups to support their
investigation of these fraudulent entities. As a public company, we rely
on the same agencies you do to pursue these fraudulent activities. You
may also wish to contact your ISP or email service provider for further
information or instructions.

Now that you have received a spoofed email, your email address has been
collected by a fraudulent source. As a result, you may continue to
receive spoofed emails for some time as these groups move from ISP to
web hosting sites setting up fraudulent email addresses, fake sites and
sending spoofed emails. PayPal and eBay have enacted several preventative
measures and increased information available on both sites' help pages to
help educate our members in spotting fake emails.

In the future, we advise you to be very cautious of any email appearing
to be from eBay or PayPal that asks you to submit financial information
such as your credit card number or any type of password. As for eBay,
they will NEVER ask you for certain financial information such as
passwords, bank account or credit card numbers, Personal Identification
Numbers (PINs), or Social Security numbers in an email. All sensitive
information should be submitted on a secure page located on the eBay or
PayPal site.

If you have any doubt about whether an email message is from PayPal,
please forward it immediately to spoof@paypal.com. For eBay spoofed
emails, please forward those to spoof@ebay.com. Please do not respond to
it or click on any of the links in the email message. Please do not
change the subject line or edit the email in any way.

If you have already entered sensitive information as mentioned above,
you should take immediate action to protect your identity and online
accounts. If you only clicked on a link inside of a spoofed email, you
may also want to run a security scan on your computer. eBay has a help
page with valuable information regarding the steps you should take to
protect yourself. Below is a link to this page:

http://pages.ebay.com/securitycenter/index.html

Once again, thank you for alerting us to the spoofed email you received.
Your vigilance helps us ensure that PayPal and eBay remain a safe and
vibrant online marketplace.

Sincerely,
PayPal Account Review Department
PayPal, an eBay Company

*******************************************
Important: eBay will not ask you for sensitive personal information
(such as your password, credit card and bank account numbers, Social
Security numbers, etc.) in an email. Learn more account protection tips
at:
http://www.pages.ebay.com/help/account_protection.html
____________________________________________

For the latest eBay announcements, please check:
http://www2.ebay.com/aw/announce.shtml
_____________________________________________


************************************************************************
This email is sent to you by the contracting entity to your User Agreement,
either PayPal Inc or PayPal (Europe) Limited. PayPal (Europe) Limited is
authorized and regulated by the Financial Services Authority in the UK
as an electronic money institution.
************************************************************************




Original Message Follows:
-------------------------

Form Message
customer subject: Account Verification
customer message: The web address (URL) of the site you are reporting: 'fast.updateyourinfos.cn'
Additional Information: 'The following is the text of the email. The link of the "Click Here" button was to fast.updateyourinfos.cn

Dear ************,
During our regular update and verification of Accounts, we could not verify your current information. Either your information has been changed or incomplete, as a result your access to use our services has been limited.
Please update your information.

>To update your account information and start using our services please click on the link below: Click Here to Update your Billing Records
>
>Note: Requests for information will be initiated by PayPal Business Development; this process cannot be externally requested through Customer Support.
>
>Note for Hotmail users: Hotmail has applied anti-fraud plug-in. When users click on a link on webmail
>it displays a Pop-Up Window with message: "You have clicked a link that leads to unsafe site" ... follows.
>Please click "OK" to be able to update your billing records.
>Sincerely,
>Accounts Department'
