• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
WhatsNewInBaltimore

SCAM WARNING (URL spoofing, PayPal related)

17 posts in this topic

This both scares me, and infuriates me....

 

Scares me, becuase computers are my life and my business, and I fell for it, and infuriates me becuase if *I* was almost duped, surely the likes of my wife, my parents, my inlaws, etc. who are not so computer savvy would never have wised up to it.

 

Before I explain the scam, a bit of background is required regarding URL Spoofing, see Google links here:

http://www.google.com/search?hl=en&...G=Google+Search

 

IMPORTANT NOTE: THIS IS *NOT* limited to Internet Explorer... I just tried it in FireFox and got the same result!!! So if you think you are insulted from this type of scam because you don't use an IE based browser, you're wrong.

 

THE SCAM: By spoofing the URL of a PayPal website, you are sent to a site which mimics the PayPa login screen, and if you actually type in your username and password, you just handed your funds over to the scammers!!!! BASTARDS!!!!

 

Try it for yourself (WARNING: DO NOT LOGIN!):

http://www.vipphone.com.sg/images/_...ame@SomeISP.com

 

Watch carefully what happens... you get a paypal address followed by a bunch of characters (too many to be visible in your address bar unless you run at a really high resolution like me, 1920 x 1200) then an "@" symbol (how the spoofing is done) then the scammers website - in this case vipphone !!!!

 

These feggers ought to be castrated and fed their own you-know-whats.

 

Ohhh dammit I am so irked over this!

Share this post


Link to post
Share on other sites

I've now tried this in FOUR different browsers, and they ALL took me to the spoofed page. IE, MyIE2 (IE core), Firefox .9, and Opera 7.5

 

Opera did give me a warning dialog, but clicking OK still took me to the spoofed page.

 

The message Opera gave me indicated www.vipphone.com.sg

 

That domain is in Singapore, which I'm guessing would make prosecuting them nearly impossible (I had forwarded the information to PayPal)

Share this post


Link to post
Share on other sites

Yes I know about the PayPal fraud.

Recently I received an email from "PayPal", that really looked like an email from PayPal.

They asked me to verify my account data and gave me a link to a website that looked like a PayPal, but the real PayPal url begins with "https://" and this link started with "http://" and that's why I got suspicious.

Besides the real PayPal never sends emails like that, they ask you to check your account data via their website not via email.

My advice : always use your OWN link to PayPäl, nothing else.

 

I consider the PayPal fraud as a very dangerous one, because they don't ask for money, only for information and that's why people aren't suspicious right away.

Share this post


Link to post
Share on other sites

I am using Firefox 0.9.2. All I get is a "The Page cannot found"using the url you posted. The URL in the address bar at the bottom is exactly the same if I copy&paste it. Perhaps it has been taken down?

 

:wave:

Edited by Freebird

Share this post


Link to post
Share on other sites

Ahhh the power of publicity! Yay! Win one for the good guys ~ I can no longer get to it either :)

 

I had reported them to PayPal, posted the link in a number of forums, and emailed all my friends and family... maybe somehow some authority was able to take it down.

 

I'd gotten a reply from a friend who unfortunately fell victim to this very scam and was hit up hard, she had to go through lots of hoops with credit cards, credit reporting agencies, etc., and her biggest worry is that "they" now have her SSN.

 

Fortunately we have places like SWI to spread the word about crap like this.

Share this post


Link to post
Share on other sites

try this when you get to page not found

 

Please try the following:

 

If you typed the page address in the Address bar, make sure that it is spelled correctly.

(below here) this might be the real page out of Singapore?

Open the www.vipphone.com.sg home page, and then look for links to the information you want.

Click the Back button to try another link.

Share this post


Link to post
Share on other sites

I had the same thing sent to me. I have been using Paypal for many years so I kinda knew that they wouldn't do this type of thing, but, I have to admit, it was tempting to hit the link :huh: .

 

I always, whether it's eBay, Paypal or bank, copy the email and send it to their security people for verification (however paypal is extremely slow in responding).

 

I HATE SCAMMERS!!!!!!!

Share this post


Link to post
Share on other sites

Here is an attachement of a fake pay pal I recieved in my E-mail

I have to make Two replys the first is the fake Log In and the second reply attachement is the real Log In.

Notice the SSL (Secured Socket Layer) for both.

Share this post


Link to post
Share on other sites

Don't ever trust the padlock alone... it's terribly easy to set up a site that requires https logins, I did it in less than 5 minutes using just XP Pro and IIS. ANYBODY can fake that out, it was just an oversight on the scammers' part.

 

Best advice is NEVER, EVER click on links from emails, always use your bookmarks or type in the URL directly.

 

Any reputable site will NEVER solicit personal information via email.

Share this post


Link to post
Share on other sites

WhatsNewInBaltimore, I'm afraid that people will always open attachments, and send personal info over unsecure links.

 

But it's not always scammers. I know of a business that set up a website, quite legit business, and could only accept credit card orders by email, and they expected people to use it!

I believe that they had quite a few customers too.

Share this post


Link to post
Share on other sites

Hey:WhatsNewInBaltimore

quote:Don't ever trust the padlock alone...

Yes that too, but also I recieved Two US Bank E-Mail's asking for my account info username and password guess what I never have banked with them, as always I immediatley did a forward to MS Scam Alert, I have sent them a couple other's this month already.

I called US Bank and talked to them also, it is ongoing with them.

A tip your bank will never ask you for your account info and the like's just for this reason alone not to name a few others

Share this post


Link to post
Share on other sites

Hi there, would using Spoofstick have helped?

Its an extension you can add to Firefox and also there is a version for IE. I have used it ever since I heard about the EBay password scam.

-Tootie :D :

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0