I totally almost just got scammed! (Paypal users read)

[MattGSX]

so I got this email today from "Paypal customer service" saying that my account has been limited because someone tried adding their email address to my account and sent me to a site to confirm or deny it. I'd log back into the fake site to get the page source, but I'm pretty sure that they save all the info entered, and I already changed my password once from a different computer to make sure that there wasn't any keystroke monitering or anything like that.

Seriously, though, whoever did it did a LAZY ass job. They ask for all name/address info, and the card number, cvv, exp date, and PIN for the card used. I'd hate to think how many people have actually fallen for it. It would be okay, except it wasn't made by someone speaking English, so some of the grammar is messed up, the links on the bottom of the page are one big image that cause a pop-up saying "your account is limited and unable to access these features" and all the tabs are fake as well. There are also random question marks all over from sloppy writing or non-English characters.

If anyone feels like checking it out and then changing their passwords with Paypal afterwards, the URL is: [self-removed. There's a trojan attatched with it, I'm thinking. At least, I ended up with a few trackers afterwards, so it was either that site or something else from the last 3 days, and that's the only likely source. If anyone wants the URL I can PM you. Just let me know.]

On a seperate note, if they did such a horrible job making the site, I wonder how they're harvesting all the info and where it's all being stored... ... ... Might be something as simple as an unprotected text-file hosted on the same server.

[Raptor]

yeep that link looks scary

[MattGSX]

Yeah. I probably got trojan'ed. I'm gonna do a re-install tonight, possibly, but I suppose I should also de-activate my Paypal acct to be sure.

[rbcp]

I get those emails all the time.  From PayPal, Ebay and various banks.  Just about all of them are banks that I've never used or heard of.  Most of the emails I get look very legit and so do the websites they send you to.  I'm sure they trick lots of people every day with it.  I get several per day from various fake companies.

One that almost got me last year was an Ebay email that looked like a user asking a question about an item that I was selling.  I clicked on it and almost didn't notice that it wasn't really Ebay.

[chester]

I also get thoes all the time.  They trick you by doing this:

<a href="www.fonybalongasite.com">https://www.paypal.com[/url]  I actually almost fell for that once. 

[JohnKerry]

Foreign scammers don't know how to spell.

[chester]

Foreign scammers don't know how to spell.

I wonder why they even try to Social Engeneer Americans.  You never hear of Emerican scammers in Nigeria.

 

[JohnKerry]

Foreign scammers don't know how to spell.

I wonder why they even try to Social Engeneer Americans.  You never hear of Emerican scammers in Nigeria.

 

Nigeria is the poorest shithole in world.   Any Americans thinking of traveling to Nigeria for prosecution-free scamming have a death wish and a contingency plan based on constant diarreah.

[MattGSX]

Totally agreed.

I did get trojan'ed. It was just a tracker, though, just ilke hundreds of other sites. I had 5 other such trojans already on my system.

I give them points for thinking to try to track people as well as getting them to submit info.

[Illuminati]

You should put fake info just to fuck with them.

[MattGSX]

Well, I was going to just try to input a bunch of bs info on the sign-in page so I could get in, but they're actually remotely running the PayPal login script from their own site, so it only accepts valid email/password combos. Pretty clever again, and I'm not about to re-type my password so the fucker can get my new one.

I emailed the webhosts over 12 hours ago, along with PayPal and the person who's domain just got hijacked (or it could be the hacker himself), and I haven't recieved a response or any action having been taken. I'm kinda pissed.

[linear]

i'm sorry, i don't feel any sympathy for someone here on the PLA forums, who should have a somewhat decent understanding of the web, who is suckered by these scam emails.

[MattGSX]

Yeah. I don't know why I wasn't thinking.

Oh, well, the kid who did this hosted the fake site off of his personal webpage. Just go to http://theone.withtel.com.au and read all about the aspiring graphic artist (and apparently 1337 hacker)

[JohnKerry]

An Australian scammed you?

[MattGSX]

Or someone else took over his old domain, or he gave it to someone, but that's the domain also hosting a re-direct to his new personal site which, though it has it's own URL, is still also hosted at withtel.au