Here are some more examples of phishing emails, this time supposedly sent by PayPal and eBay.
It is our hope that our series on Phishing Emails will help you easily identify a fake email from the real one. So next time you see a phishing email, just hit the “Spam” or “Report Phishing Message” on your inbox.
We hope that our series on Phishing Emails have helped you identify fake emails and prevented you from becoming one of their victims.
You probably know by now that phishing emails, also known as fake or spoof emails, are used to direct recipients to a fraudulent website where they are asked to provide personal information. This information is then used for identity theft.
Below you’ll find another addition to our growing list of actual phishing emails we have recently received.
A few minutes ago, I cleaned up my inbox and found the following warning email from “eBay” threatening me that my “eBay account has been suspended.”
In the tradition of fake Paypal, eGold, E*Trade, Gmail, and YouTube emails designed to steal your personal information, here comes another phishing email that attempts to deceive you into logging to a fake website so it can hack your e-Bullion funds.
The well-designed email comes complete with the logo of online currency e-Bullion.com and a header image that ironically announces, “Eliminate Risks & Fraud.”
Pardon my French (literally), but a few minutes ago I received an interesting email supposedly from PayPal France.
The polyglot that I am (not!), I had to get help from a Language Translation site in order to decipher the message and, as expected, it is just one of those many PayPal phishing emails.
Phishing is a type of deception designed to steal one’s personal data such as credit card numbers, passwords, account login information, etc. Phishing emails are normally used to direct recipients to a fraudulent website where they are asked to provide personal information. This information is then used for identity theft.
The French PayPal email I got was no different from other spoof emails. All bore the warning that my PayPal account has been restricted and I need to access a certain website in order to lift the restriction.
Now the rule when receiving emails like these that ask you to login to a certain site: if the website’s URL does not appear to be the official URL of your bank, credit card company, or payment processor, don’t go there and don’t log in!
Beware of scammers who use Yahoo! Messenger (YM) to lure victims to invest in a fake prepaid load business. If the potential victim decides not to join the “venture,” the scammer then attempts to hack that person’s Yahoo account.
Here’s how the modus operandi works.
Just a few minutes ago, we received the following “Security Alert” email purportedly from Gmail:
from: Gmail Team <mail-noreply@google.com>
date: Sep 20, 2007 1:44 PM
subject: Security AlertYour account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have acces and use of your Google account and to ensure a safe Gmail experience. We require all flagged accounts to verify their information on file with us.
This is the right link for edit account page
After you verify your information, your account shall be returned to good standing and you will continue to have full use of your account. Please note that if you don’t verify your ownership of account in 2 x 24 hours we will block/ susspend your Google account.Thanks,
The Gmail Team
The text “edit account” in the second paragraph contains a link that redirects to the following site: < http://www.uk-google.com/account > (Screenshot of the website below.)
This site is a PHISHING website. Phishing is a type of deception designed to steal one’s personal data such as credit card numbers, passwords, account login information, etc. The phishing email usually looks like an official letter from a trusted source, such as a bank, credit card company, payment processor, or online merchant. Phishing emails normally direct recipients to a fraudulent website where they are asked to provide personal information. This information is then used for identity theft.
Although the header included a line saying the mail was sent by the “Gmail Team,” the server that actually sent the mail was “crater.myserverhosts.com” — definitely not a Gmail or Google server.
Note as well the typographical and grammatical errors in the email (acces, 2 x 24 hours, susspend). If that guy was indeed working in Google, he should be fired for sending a crappy, unprofessional email like that.
More info on how to detect phishing emails in the article What is Phishing?
If you received an email from someone you do not know with a link to a YouTube video, don't click the link. It might be a download link for a trojan or worm that can harm your PC or trigger a case of identity theft.
Today I received an email from a certain natblaze@jwmolding.com inviting me to watch a particular YouTube video. The supposed video, however, is not on YouTube but on a different site — http://89.179.33.84/ — and visiting it automatically prompts you to download an .exe file. (WARNING: Do not visit the site if you do not want your PC to be compromised.)
The .exe file is most probably a malicious software (malware) such as trojan or worm.
A Trojan is a program that installs backdoor programs in a person's computer that allows unauthorized remote access to the victim's machine. A Worm, on the other hand, is a self-replicating program that sends copies of itself to other computer terminals without the need for any user intervention. These malicious softwares are normally used to steal passwords of the victim which are used for identity theft.
(Text of the email with the link and screenshot of the malware download page after the jump.)
Today I received another phishing email – emails that look like an official letter from a trusted bank, credit card company, or payment processor but is actually a type of deception designed to steal one’s personal data.
The email intends to trick E*Trade Financial (www.etrade.com) users into providing their personal information which will be used for identity theft.
Don’t fall for these fake emails! Find out how you can protect yourself by reading the following articles:
Copy of the E*Trade phishing email after the jump.
Here are some useful tips provided by Equitable PCI Bank to help you prevent identity theft when doing online banking.
Electronic Banking Consumer Protection Tips
from Equitable PCI Bank
