I know many of you are already aware of this. but then again, many of you are not.
today, I got a mail from [email protected] saying that some of my profile data
in my paypal account needs to be updated or my account will be suspended.
The mail looked like this:
Dear valued PayPal member,
Identity protection matters. And PayPal works day and night to help keep your identity safe. That's why it has come to our attention that your PayPal account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service.However, failure to update your records will result in account suspension. Once you have updated your account records, your PayPal session will not be interrupted and will continue as normal.To login to your PayPal account and update your records click on the following link:
Thank You for using PayPal!
©2009 The PayPal Team
At first I was like WTF! then after thoroughly examining the mail, i noticed that the
so called https://www.paypal.com... link is actually referring to some other site.
that site is currently offline. however, I'm sure when it was available, it presented
an exact replica of paypal.com thus fooling people into typing their username/password
to login and capturing the un/pass to steal money.
also, when I opened the email source, I found this:
As you can see, even though the send address is set to [email protected],
the mail was actually sent from server.hmamail.com - a solid proof of phishing.
This is just a small example of how phishing is done. I'd advice all members to be careful
always. Dont be fooled by phising. these type of things are happening with hotmail/gmail,
facebook etc.<[email protected]>