March 20, 2009

Web phishers and forgers eat scum!

Some evil little bastard or group of 'em went out on a phishing expedition today to try to capture PayPal log-in information from unsuspecting folks. I thought I'd show how this little scam works.

Being in the internet business, I see these types quite regularly caught in our spam/virus filtering servers; this one somehow made it into my mailbox. As you can imagine, I know not to provide any type of login or personal info in response to unsolicited emails. And I also know NOT to use MS Explorer as my primary web browser. You'll see why later. The email address was masked to look like it came from paypal@paypal.com - this is such a simple trick to set up that it insults one's intelligence. Above is a screenshot of the email with the hyperlink to the supposed PayPal site where I am to "log in" to update and/or correct my account.

I know this is suspect immediately because the domain name isn't paypal.com. If you look carefully, it is database-confirmation.com. The evil bastards just created a subdomain account using paypal.database-confirmation.com, as most people will just see "paypal" in the web address and click away.
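The same check, reading the registered domain instead of the first word of the address, can be automated. This is an added example, not part of the original post; the function names, the short suffix list, and every sample URL other than the paypal.database-confirmation.com host are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: a tiny stand-in for the Public Suffix List, enough for this demo.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "com.cn"}


def registrable_domain(url):
    """Return the domain that was actually registered, ignoring subdomains."""
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    labels = host.split(".")
    if len(labels) < 2:
        return host
    # Keep three labels when the last two form a known multi-label suffix.
    multi = ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES and len(labels) >= 3
    return ".".join(labels[-(3 if multi else 2):])


def classify_link(url, brand="paypal", trusted=frozenset({"paypal.com"})):
    """Return 'trusted', 'lookalike' (brand name on someone else's domain) or 'unrelated'."""
    host = (urlsplit(url).hostname or "").lower()
    if registrable_domain(url) in trusted:
        return "trusted"
    # The brand appears in the host name, but the registered domain is not the brand's.
    if brand in host:
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample links; only the first host name comes from the post.
    samples = [
        "http://paypal.database-confirmation.com/login",
        "https://www.paypal.com/signin",
        "https://example.org/news",
    ]
    for link in samples:
        print(f"{classify_link(link):10} {registrable_domain(link):28} {link}")
```

A real mail filter would load the full Public Suffix List rather than the three-entry set used here.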

So knowing this is a phishing expedition, I copied the link and opened up my Mozilla browser, which I consider a far superior browser for surfing the internet. Here's the screen message that came up - Mozilla is telling me that I shouldn't even think about connecting to that website - it's already been reported as a web forgery! I back out and am relieved that I did not unknowingly give my PayPal log-in details.

However, being the inquisitive little shit that I am, I can't leave it at that. So I open an MS Explorer window and paste the same URL address. Lo and behold, I'm taken to what sure looks like PayPal's website - even all the hyperlinks in the page go to internal paypal.com links. All except the golden log-in box, which is patiently waiting for my PayPal email and password log-in info.

So, while it was probably not all that smart, I couldn't help myself: I entered my PayPal email address - teeheehee... yousuck@youareevil.com - and my favorite PayPal password: yousuck!

A new window appears that tells me there was an error with my log-in. So I did what everyone does: I re-type my info again - exactly the way I did it the first time - and have now confirmed to the evil bastards that yes, in fact, these are my PayPal credentials. By the time I "figure out" that the error message is going to reappear every time I enter the same credentials, the evil bastards have cleaned out my PayPal account and are halfway to China!

Funny I should say that: I also did a whois lookup on the domain name database-confirmation.com and see that it is registered and owned by one Pan Wei wei in Beijing, China.

So a lesson to the wise - download Mozilla's browser for free and make it your primary browser
http://www.mozilla.com

And never ever provide critical account information just because someone sends you an urgent email telling you to do so.
