Thursday, March 16, 2006

Clever Scammers

I'm sure you've all gotten those e-mails from people phishing: posing as a bank, or some such, and trying to get you to give them your personal info. Some of those scammers put out some pretty clever stuff. Just noticed something really sneaky today:

Got a couple e-mails from someone posing as PayPal. One mistake they made was sending it to an address I don't have registered with PayPal. Otherwise it was pretty good, both of them telling me someone tried to access my account and I needed to go to their phony web site and verify something or another.

I generally just trash that sort of stuff but, after getting a legitimate communication from PayPal asking users to forward phishing e-mails to, I decided to try and help get these creeps from now on.

So, I tried to forward the two e-mails and noticed all the text of both e-mails disappeared when I clicked on the Forward tab. Hmmm...wouldn't do any good to send a blank e-mail to Paypal, thought I. I wondered if it was something with Yahoo mail that messed up the e-mail so I decided to forward them to my regular inbox in Eudora to deal with them there.

I check the mail in Eudora and nothing shows up but a legit message from an e-mail list I'm on. I thought maybe I sent them to the wrong box in Yahoo so I go back to find them and they're nowhere to be found. Apparently they set it up so if you do anything but click on the links in their e-mail, either the text gets deleted or the e-mail self destructs so you can't forward it to anyone. How clever.

I'd really like to get those guys. I'll keep trying.


At 3:49 PM, Blogger Fred said...

I stand corrected. I found both of those e-mails in my Eudora Junk E-mail file. Never thought about looking there.

Now they've been forwarded to PayPal and it looks like the headers and text were sent as well.

Must have been a glitch with Yahoo e-mail.

At 5:18 PM, Anonymous Kat said...

I have received a paypal email saying that my payment had been sent for 308.00 to some person I had never heard of.

Just remember, do NOT click on any links in the email. Go directly to the website (type in the address yourself) and verify. It's a good thing I had read something about it. Otherwise it looked pretty legit.

But since I hadn't been buying on ebay for awhile I knew it was wrong and a spoof.

At 12:14 AM, Blogger Rose said...

I get 'em, too, Fred. With Eudora, click blah, blah, blah to show all headers and then forward the whole thing to spoof@paypal, or spoof@ebay - or check out or .

If you are on a PC though, you are better off not to open it al all, just delete it. I'm on a Mac so I figure I can open, click on headers and forward.

Ebay now has a "My Messages" email set up in your My Ebay - any legitimate message sent to you will be duplicated there, so that is a good way to check before you alert the spoof@paypal/ebay guys.

At 9:02 AM, Blogger Fred said...

I got a Paypal scam the other day that had me thinking twice. It was actually easy to see it was a scam because, when you put the cursor over a link in Eudora, the whole link shows up in a window and it wasn't a paypal link, it was some Google link. So right off I knew it was phony.

But it had me going cause it said someone from some foreign address had accessed my account, or some such thing. Just the day before that, I'd noticed someone visited this blog from Indonesia or somewhere thereabouts.

The same day they visited this blog, I had Norton Anti Virus alert me to someone trying to stuff a worm on my computer. Whoever it was from the same country as whoever visited my blog. NAV provided the IP address of the attempted intruder.

Since all the events originated from the same country, I wondered if I was being cyber stalked and maybe someone had hacked my Paypal account. That one made me wonder. In fact, just to make sure, I logged into Paypal just to make sure everything was ok.

Those guys are pretty clever. I can see why some people, especially if they're not computer savvy, would fall for the scam.


Post a Comment

<< Home