“Militray Grade” Security at Paypal!! What a spoof!

I today received a mail in my yahoo account. Here’re the contents.

Security Center

Military Grade Encryption is Only the Start

At PayPal, we want to increase your security and comfort level with every transaction. From our Buyer and Seller Protection Policies to our Verification and Reputation systems, we’ll help to keep you safe.

PayPal is committed to maintaining a safe environment for its community of buyers and sellers. To protect the security of your account, PayPal employs
some of the most advanced security systems in the world and our anti-fraud teams regularly screen the PayPal system for unusual activity.

Recently, our Account Review Team identified some unusual activity in your account. In accordance with PayPal’s User Agreement access to your account will be limited. This is a fraud prevention measure meant to ensure that your account is not compromised.

In order to secure your account we may require some specific information from you. We encourage you to log in by clicking on the link below and complete the requested form as soon as possible.

https://www.paypal.com/cgi-bin/webscr?cmd=_login-run

Ignoring our request, for an extended period of time, may result in account limitations or may result in eventual account closure.

Thank you for your prompt attention to this matter. Please understand that this is
a security measure meant to help protect you and your account.
We apologize for any inconvenience.

Sincerely,
PayPal Account Review Department

PayPal Email ID PP****

😆 I think these fraudsters need to learn new techniques now. These tricks are too old! Here is the complete header

From PayPal Sat Jan 7 17:54:25 2006
X-Apparently-To: ****@yahoo.com via 68.142.201.246; Sun, 08 Jan 2006 03:14:33 -0800
X-YahooFilteredBulk: 211.115.216.228
X-Originating-IP: [211.115.216.228]
Return-Path:
Authentication-Results: mta274.mail.mud.yahoo.com from=paypaI.com; domainkeys=neutral (no sig)
Received: from 211.115.216.228 (HELO bigfoot.com) (211.115.216.228) by mta274.mail.mud.yahoo.com with SMTP; Sun, 08 Jan 2006 03:14:33 -0800
Received: from mountaineerpublishing.com ([68.213.49.6]) by BFLITEMAIL-KR4.bigfoot.com (LiteMail v3.03(BFLITEMAIL-KR4)) with SMTP id 0601080604_BFLITEMAIL-KR4_491054_8660022; Sun, 08 Jan 2006 06:06:41 -0500 EST
Received: by mountaineerpublishing.com (Postfix, from userid 1048) id D6E531A8A159; Sat, 7 Jan 2006 20:54:25 -0500 (EST)
To: money.matters@bigfoot.com
Subject: PayPal Account Security Measures (Routing Code: C840-L1541-Q110-1937)
Message-ID: <1136685265.21980.qmail@paypaI.com>
From: “PayPal” Add to Address BookAdd to Address Book
Content-Type: text/html
Date: Sat, 7 Jan 2006 20:54:25 -0500 (EST)
Content-Length: 1537

Notice it is from service@paypaI.com, its not L for Lion, but its I for India 😆 Even the return path is melanie@mountaineerpublishing.com. Here’re the screen shots of the original and duplicate sites. Almost all the links are same, but forgot password link is different from the main site 😀 and of course the login button will execute some different script 😈

Paypal Original Site
Original Paypal Site

Paypal Original Site
Duplicate Paypal Site

GROW UP SPAMMERS AND THIEVES! LEARN NEW TECHNIQUES TO GATHER CONFIDENTIAL DATA 😆

Published
Categorised as Technology

Leave a comment

Your email address will not be published. Required fields are marked *