I DON’T want to sound like an expert online money-maker with this post. I’d just like to warn some bloggers who have PayPal accounts that online phishers are at work. And I’d like to reveal their scheme here.
I received an email with subject “Remove Limitation” from someone who disguises himself as a representative of PayPal. The email looked official. If you are not careful enough, you would believe it’s the real thing. Here are some screenshots:
The Phisher’s Email
I highlighted the parts that I found dubious. PayPal has always addressed me by my real name and not just as any account holder. I am also receiving emails from service@intl.paypal.com. That spelled the difference. Here’s a screenshot:
The Official Email from PayPal
If you read through the email, the phisher would try to convince you that somebody is trying to access your account and that to protect your account, PayPal has limited access to you account. To lift the limitation, a link is provided in the body of the email that leads to a site that would really look like PayPal’s until you take a look at the url.
The Phisher’s Site
The Real PayPal Site
Take note that PayPal is a secure site; it uses https:// and not just http://. So, if you are a careful customer, surely you wouldn’t give away personal information via a non-secure site and allow crawlers to fetch your info and run away with your hard-earned money.
Because I was sure that the site is not real, I logged in using a wrong password and voila, it didn’t know that my password was wrong! I was pseudo-logged in and was prompted to enter information including my ATM PIN.
If you are in your proper state of mind, you should never divulge your PIN to anyone.
That’s all. I hope this helped.
7 Comments Received
August 12th, 2008 @11:02 am
salamat sa pagshare nito. it is helpful! kailangan lang talaga kapag mag sign in sa isang site dapat open window and type the url. at hindi magclick ng link dun sa email na natanggap to sign in.
August 13th, 2008 @1:26 pm
haha, phisers! thanks for sharing this.. long before, i have been bearing in mind the rule that paypal should address me by my name and not just an account holder. be careful guys!
August 14th, 2008 @12:23 am
@redlan: Tama, better type in the url. You’re welcome.
@dimaks: yes, that’s the proper way of doing business. It’s pretty simple. You have to know your clients. Hehe.
ayels last blog post..Protect Your PayPal Account from Phishers
August 15th, 2008 @8:00 pm
I also made similar post about phising everyday ako nakakatanggap ng ganitong message… natatawa nalang ako limited daw ang account ko eh, verified ako sa paypal…
julers last blog post..Beijing 2008 Olympics Medal Tally Count, Updates and Results
August 16th, 2008 @7:46 am
Oo nga. Kala talaga ng mga gumagawa niyan bobo ang mga Noypi bloggers. Hehe. Mga Kano yata usually ang mga nabibiktima nila.
August 19th, 2008 @1:31 am
thanks for the info.
ritzchelles last blog post..Domain and Hosting Sponsorship
August 30th, 2008 @1:37 pm
wow sir..very clever ha..sir xenxe sa result ng exam q ha..sisi jud ko ba..tarungon na nako sa sunod sir…sir comment pud sa blog..taos tabangi q sir panagsa..favor lang..tnx..
Leave A Reply