Fake PayPal Phishing E-Mail

Spam. We all get it. Some messages come with attachments that are just viruses or trojans. Some come from folks in Nigeria who want to give us $2000 cash. Some purportedly come from financial institutions looking to verify your info. What we need to remember is that NO bank, NO credit card company, NO financial institution will ever send you an email asking you to click on an embedded link to verify your info. Below is a typical example of such a spam message (one I actually received today). I will also show you how easy it is to spot that it’s a fake.

It apparently came from PayPal. Specifically, security at PayPal.

This message is actually very believable. No misspellings like the usual spam. They even give you a “Reference Number” that looks official. But if you hover over the link they want you to click (without actually clicking on it), you will see the actual address the link points to. In this case, even though the link says “www.paypal.com”, in the status bar you can see that it actually goes to www.pacificliv.com. If you actually click on the link, you will be brought to a site where you will be asked to enter your PayPal credentials. And THAT’S how they get your info and steal your identity. The method is called “phishing”. It works by basically sending out mass emails to addresses harvested from newsgroups, forums, blogs, etc. From the millions of emails that are sent out, some unsuspecting recipients will bite. So be vigilant. Don’t fall for these scams. Never email your info. And when in doubt, simply CALL your financial institution and speak with a customer service representative, directly.

Stolen Domain: MakeUseOf.com

I use GoDaddy.com for a lot of my domains, both for domain registration and hosting, so this story doesn’t give me the warm & fuzzy feeling I’d like from a domain registration company. But nevertheless, it reminds us that we should change our passwords regularly and make sure that they are strong. And it also reminds us that, no matter how secure the technology is, hackers can get by via some social engineering, by basically calling up some gullible or careless tech support person, pretending that they’re you, and getting tech support to divulge personal information about you without doing a little background check.

Updates to this story can be found here.

We can now confirm that the attacker in fact got the access details through Gmail and set up a forward filter to send incoming emails from GoDaddy to another Gmail account. Now the account had a strong, approximately 15-character-long password. How the hell did he manage to get in? Is it another Gmail Security Flaw? … Aibek]

Now it turns out that in order to transfer the domain, Ferank (or someone helping him) called up GoDaddy and impersonated Aibek. At that point he already had access to our account (or at least had enough information to recover the username/pass for the account) and basically said “hi, I’m the owner of MakeUseOf.com, please transfer the domain”. GoDaddy then complied.

Good luck to the makeuseof.com folks!