Results 1 to 7 of 7

Thread: Paypal Scam

  1. #1
    All the Certs! 11001001's Avatar
    Join Date
    Mar 2002
    Location
    Just West of Beantown, though nobody from Beantown actually calls it "Beantown."
    Posts
    1,230

    Paypal Scam

    Here is the email I received in my Yahoo! account:

    Dear Paypal User

    You have added o0_yuna_baby_o0@yahoo.com as a new email address for
    your PayPal account.

    If you did not authorize this change or if you need assistance with
    your account, please contact PayPal customer service at:

    http://www.paypalonlineupdate.info/i...cmd=_login-run

    Thank you for using PayPal!
    The PayPal Team

    Please do not reply to this e-mail. Mail sent to this address cannot be
    answered. For assistance, log in to your PayPal account and choose the
    "Help" link in the header of any page.

    And the Header:

    X-Apparently-To: XXXXXXXXXX@yahoo.com via 68.142.201.224; Mon, 04 Jul 2005 08:02:42 -0700
    X-YahooFilteredBulk: 62.212.83.161
    X-Originating-IP: [62.212.83.161]
    Return-Path: <sietse@sietse.nu>
    Authentication-Results: mta198.mail.dcn.yahoo.com from=paypal.com; domainkeys=neutral (no sig)
    Received: from 62.212.83.161 (EHLO karin.wiseadvise.net) (62.212.83.161) by mta198.mail.dcn.yahoo.com with SMTP; Mon, 04 Jul 2005 08:02:42 -0700
    Received: from apache by karin.wiseadvise.net with local (Exim 4.42) id 1DpSSN-0006b7-TA for jameschwab@yahoo.com; Mon, 04 Jul 2005 17:01:59 +0200
    To: XXXXXXXXXX@yahoo.com
    Subject: Unauthorized Access: (Routing Code: 301-Y712-P390)
    From: service@paypal.com Add to Address BookAdd to Address Book
    Reply-to:
    MIME-Version: 1.0
    Content-Type: text/plain
    Content-Transfer-Encoding: 8bit
    Message-Id: <E1DpSSN-0006b7-TA@karin.wiseadvise.net>
    Date: Mon, 04 Jul 2005 17:01:59 +0200
    X-WiseAdvise-MailScanner-Information: Please contact the ISP for more information
    X-WiseAdvise-MailScanner: Found to be clean
    X-MailScanner-From: sietse@sietse.nu
    Content-Length: 530

    The Originating IP of 62.212.83.161 resolves to the following (per Sam Spade):

    Trying 62.212.83.161 at ARIN
    Trying 62.212.83 at ARIN

    OrgName: RIPE Network Coordination Centre
    OrgID: RIPE
    Address: P.O. Box 10096
    City: Amsterdam
    StateProv:
    PostalCode: 1001EB
    Country: NL

    ReferralServer: whois://whois.ripe.net:43

    NetRange: 62.0.0.0 - 62.255.255.255
    CIDR: 62.0.0.0/8
    NetName: RIPE-C3
    NetHandle: NET-62-0-0-0-1
    Parent:
    NetType: Allocated to RIPE NCC
    NameServer: NS-PRI.RIPE.NET
    NameServer: SEC1.APNIC.NET
    NameServer: SEC3.APNIC.NET
    NameServer: NS2.NIC.FR
    NameServer: SUNIC.SUNET.SE
    NameServer: AUTH03.NS.UU.NET
    NameServer: TINNIE.ARIN.NET
    Comment: These addresses have been further assigned to users in
    Comment: the RIPE NCC region. Contact information can be found in
    Comment: the RIPE database at http://www.ripe.net/whois
    RegDate: 1997-04-25
    Updated: 2004-03-16

    (Continued)

    www.paypalonlineupdate.info whois information:

    Domain Name: PAYPALONLINEUPDATE.INFO
    Created On: 03-Jul-2005 17:38:27 UTC
    Last Updated On: 04-Jul-2005 14:43:04 UTC
    Expiration Date: 03-Jul-2008 17:38:27 UTC
    Sponsoring Registrar: YesNIC Co., Ltd. (R158-LRMS)
    Status: ACTIVE
    Status: OK
    Registrant ID: C10500853-LRMS
    Registrant Name: Peter Jaly
    Registrant Organization: Hosting
    Registrant Street1: 7 Viewland Drive
    Registrant City: 7 Viewland Drive
    Registrant Postal Code: 4562
    Registrant Country: AU
    Registrant Phone: +82.78676787868
    Registrant Email: woolleyc1949@yahoo.com
    Admin ID: C10500856-LRMS
    Admin Name: Peter Jaly
    Admin Organization: Hosting
    Admin Street1: 7 Viewland Drive
    Admin City: 7 Viewland Drive
    Admin Postal Code: 4562
    Admin Country: AU
    Admin Phone: +82.78676787868
    Admin Email: woolleyc1949@yahoo.com
    Billing ID: C10500857-LRMS
    Billing Name: Peter Jaly
    Billing Organization: Hosting
    Billing Street1: 7 Viewland Drive
    Billing City: 7 Viewland Drive
    Billing Postal Code: 4562
    Billing Country: KR
    Billing Phone: +82.78676787868
    Billing Email: woolleyc1949@yahoo.com
    Tech ID: C10500857-LRMS
    Tech Name: Peter Jaly
    Tech Organization: Hosting
    Tech Street1: 7 Viewland Drive
    Tech City: 7 Viewland Drive
    Tech Postal Code: 4562
    Tech Country: KR
    Tech Phone: +82.78676787868
    Tech Email: woolleyc1949@yahoo.com
    Name Server: NS1.PAYPALONLINEUPDATE.INFO
    Name Server: NS2.PAYPALONLINEUPDATE.INFO
    Clearly not a Paypal site...
    Anyone seen this before?
    Above ground, vertical, and exchanging gasses.
    Now you see me | Now you don't
    "Relax, Bender; It was just a dream. There's no such thing as two." ~ Fry
    sometimes my computer goes down on me

  2. #2
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424

  3. #3
    Senior Member st1mpy's Avatar
    Join Date
    Jun 2003
    Posts
    111
    i think i got a mail like that in my box ... where did they got my mail god damn i dont even have paypal account
    Un Seen But Well Heard Of

  4. #4
    That appears to be what is known as a phishing scheme.
    You can report the issue here as long as your in the states.
    www.ifccfbi.gov/cf1.asp

  5. #5
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    i think i got a mail like that in my box ... where did they got my mail god damn i dont even have paypal account
    they generally get email accounts a few ways. 1) buying them from companies who you gave it to. 2) crawling across webpages looking for email addresses posted. 3) just sending to random names on domains and hoping they get a few hits. (when I am checking our mail boxes (admin, postmaster, webmaster, etc.) Ill normally get a bunch of the exact same emails in each of them.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  6. #6
    All the Certs! 11001001's Avatar
    Join Date
    Mar 2002
    Location
    Just West of Beantown, though nobody from Beantown actually calls it "Beantown."
    Posts
    1,230
    Originally posted here by spamdies
    That appears to be what is known as a phishing scheme.
    Yep. Sure is. That's why I posted it here
    Above ground, vertical, and exchanging gasses.
    Now you see me | Now you don't
    "Relax, Bender; It was just a dream. There's no such thing as two." ~ Fry
    sometimes my computer goes down on me

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    · HACK INTO PAYPAL ACCOUNTS
    2005-03-16 16:17:39 none123 [Reply | View]

    HOW TO HACK INTO PAYPAL ACCOUNT!!!

    1) The following complete hacking tutorial contains materials that may not be suitable for irresponsible internet users, reader discretion is advised!
    2) The hacking method is based on a secretly discovered security flaw in the PayPal (www.paypal.com) mailing address confirmation system. It will only work BEFORE PayPal discovers this serious security flaw and fixes it. Take your action FAST! ...

    ...Despite the company?s seemingly perfect security system, a serious security flaw in the ADDRESS CONFIRMATION PROCESS of PayPal?s members? accounts has been discovered by a few experienced hackers from Russia. The hacking process has been simplified a while ago and it was revealed on a Russian language hacking website. PayPal was immediately alerted of this security flaw after the Russian language hacking tutorial was published on the website, but in order to prevent its customers from losing trust in internet banking, PayPal chose NOT to alert its customers of this security flaw and has then secretly BANNED numerous online articles that contained information of this security flaw.

    http://www.oreillynet.com/pub/h/1068
    looks like a varient of the above.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •