Fight the phishing sites!

Here’s one more reason why you should install or update protection softwares in your PC.

Today I received an email supposedly from PayPal regarding my unauthorized activity claim (full copy of the email at the end of this article). Now, I did file an unauthorized activity claim in PayPal several weeks ago so I thought this was a valid response from PayPal.

Of course, I am aware what phishing is and how to protect oneself from phishing sites so before clicking the link in the email, I tried this basic test to check if it was a spoof mail: I hovered my cursor above the link and, true enough, it was not a valid PayPal link.

Nevertheless, I still went to the phishing site (WARNING – This is a Phishing site: http://diaresch.sites.netavous.net/) just to check how it looks like. Voila! both browsers I was using — Mozilla Firefox and Internet Explorer — warned me against accessing the site.

Here’s a screenshot of what I saw upon accessing the phishing site via Mozilla Firefox.

The entire site faded to black and a very conspicuous warning appeared at the top of the page. It read:

Web Forgery

This page is very likely to have been designed to trick users into sharing personal or financial information. Entering any personal information on this page may result in identity theft or other fraud.

It gave me options to “get out” of the site or “ignore the warning” to continue and also to “report the site to Google”. Of course, that was not a tough choice for me, I opted to get out of the site.

I’ve always used Mozilla Firefox so I wanted to test if IE offers the same phishing site-detection ability. Aparently, it does. Here’s what appears if you accessed the abovementioned phishing site using Internet Explorer (I’m using the exact version 7.0.5346.5, results may differ depending on your IE version).

Right next to the address bar is a red-colored warning “Phishing Website”. Also, instead of loading the site, it showed a page explaining that the site I was trying to access is a phishing website and advised against continuing to the site.

Indeed, it pays to install and upgrade softwares that can help protect your PC against viruses, trojans, keyloggers, and other malicious programs. Be not concerned with this and risk your files, your PC, or even your identity later on.

So protect your PC now! Install Firefox or Roboform (software that lets you log in without typing the password) and drop by the Techonology and the Internet folder in the PMT Forum to learn more about how to protect your PC.

* * * * *

Here’s the actual text of the PayPal phishing message I received:

Take Control of Your Money

https://www.PayPal.com/

As part of our security measures, we regularly screen activity in the PayPal system. During a recent screening, we noticed an issue regarding your account.
Case ID Number: PP-177-706-064

We have reason to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.

To update your PayPal records click on the following link:

h t t p : / / w w w . p a y p a l . c o m / u s /

–> Embedded link is the phishing site’s link

For your protection, we have limited access to your account until additional security measures can be completed. We apologize for any inconvenience this may cause.
This new security statement will helps us continue to offer PayPal as a secure and cost-effective payment service. We appreciate your cooperation and assistance.

Sincerely, The PayPal Team