Printable Version of Topic

Click here to view this topic in its original format

914World.com _ 914World Garage _ Paypal phishing scam

Posted by: Pugbug Jun 16 2005, 11:27 PM

Be careful... This thing had me fooled, but luckily I don't have a Paypal account.
Below is the web site I was directed to....Sorry I haven't figured out how to post a link yet.
The link in the e-mail was "paypal.com/xxxxxxxxxx..(I deleted the e-mail, and don't remember the full address)
When I checked my history this is the address that gets you there.....What ever you do if you go to the site. Warning DO NOT LOGIN

http://www.hymca.or.kr/bbs/ver.ph

Posted by: skline Jun 16 2005, 11:29 PM

Not Found
The requested URL /bbs/ver.ph was not found on this server.

Apparently they already caught it and removed it

Posted by: Pugbug Jun 16 2005, 11:29 PM

Well I'll be damned....I guess I can post a link!

Posted by: Pugbug Jun 16 2005, 11:35 PM

For some reason there is a "p" missing from the end of the address in my first attempt .

http://www.hymca.or.kr/bbs/ver.php

WARNING THIS IS A PHISHING SITE.....DO NOT LOG IN!

Posted by: Brando Jun 16 2005, 11:38 PM

If you're using Mozilla or Mozilla Firefox, to avoid phishing websites do the following:

1) in the address bar type in "about:config"

2) look for the entry "network.enableIDN", double-click the entry to change it to "false".

3) close your browser and re-open it. Phishing websites that use international domain names (show up as &somethingsomething; or %2F %83 in the address bar) will not work.

Posted by: skline Jun 16 2005, 11:40 PM

Hey, it worked this time............

I logged in and everything......................

Username: GoFuc#yourselves
Password: Youlittlechickenshits

It went to a blank page. I wonder if they will like that? laugh.gif

Posted by: skline Jun 16 2005, 11:42 PM

Good tip Brandon, most people should know to look for the lock at the bottom and verify it is the correct site by looking at the address bar, but for a lot of people, they dont do that so this would be good for them.

Posted by: Brando Jun 16 2005, 11:44 PM

Another good point skline... Always check the certificate if you're connecting to a site through SSL (https:// in the addy bar).

Posted by: Pugbug Jun 17 2005, 12:12 AM

The link in the e-mail was "paypal.com/bin....Don't remember the rest, but the address in the browser address bar matched it. I called Paypal using the phone number I got from the fake site to find out what was going on.
I was a bit paranoid because when I was on vacation in California in April someone got my Visa number and charged up $800 to my account gambling online, and it was billed through paypal.
The text of the e-mail said that someone was trying to access my Paypal account using a different ip address. I was worried that someone somehow got ahold of my new Visa number again, and had set up a Paypal account with it.
Man....This world is full of thieves!

Posted by: SirAndy Jun 17 2005, 12:20 AM

gawd, these kidz are soooos stupid these days ...

here's the server your login information will be send to, and guess what, they didn't turn off directory browsing ...

hahahahahaha

http://216.69.161.136/

happy snooping guys ...
biggrin.gif Andy

Posted by: redshift Jun 17 2005, 12:24 AM

lol

I am creating some new DBs, thanks ANDY!!

http://216.69.161.136/admin/

M

Posted by: redshift Jun 17 2005, 12:28 AM

OH DEAR! I AM NOT A DBA! I JUST DELETED ALL THEIR TRAFFIC TABLES!

HELP!


M

Posted by: SirAndy Jun 17 2005, 12:28 AM

QUOTE (redshift @ Jun 16 2005, 11:24 PM)
I am creating some new DBs, thanks ANDY!!

just be careful, there are some *.exe in some of the subdirectories that you *SHOULD NOT* click on ...

wink.gif Andy

Posted by: redshift Jun 17 2005, 12:35 AM

Yes, well aware!

Question: Can I log on, and upload with my FTP program? I have something I'd like to leave there... stromberg.gif



M

Posted by: redshift Jun 17 2005, 12:52 AM

Password... I need a password.

Hmm... userid:admin

poke.gif


M

Posted by: morphenspectra Jun 17 2005, 05:29 AM

One good tip from Paypal is that they will always address you by name, and most of the phishing sites will address you by email. Now I just forward to spoof@paypal.com and delete. If I feel there is any issue with my account then I log in to my account from Paypals website and I double check.

HIEDI

Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)