Industry guru Dave Taylor offers free tech support on a wide variety of technical and business topics, including HTML, Apple iPhone, online advertising, Cascading Style Sheets, Web design, management, Unix, Linux, search engine optimization, online dating, Mac OS X, shell script programming and Microsoft Windows.

How can I tell if my Paypal and eBay Alerts are legit or phishing?

Dave, I'm getting more and more confused. I keep getting warnings and alerts from Paypal, eBay, my bank, and various other banks and financial institutions that I don't even have accounts with, all telling me to log in and verify my account information. I've read about something called "phishing" and am wondering if that's what these messages actually are?

Dave's Answer:

You're right to be suspicious! These are indeed what us industry folk call phishing (rhymes with fishing): fake email messages purporting to be from legitimate sites. They redirect you to clones of the real site, and their sole purpose is to get you to click on the link and log in to their mock sites.

These are bogus messages sent by online criminals.

This afternoon, I received a message that looks exactly like it came from Paypal. It had a Paypal return address, a legit-looking case address, and even a link on the bottom to the Paypal privacy policy. In the middle was the important link, though: "To update your Paypal records, click on the following link:" followed by the link "https://www.paypal.com/cgi-bin/webscr?cmd=_login-run".

Or does it link there? HTML messages can easily point to one site while appearing to point to another. So I cracked open the message and read through the source, to find my suspicions confirmed. Rather than actually link to the Paypal site, this message points to the Web address http://147.46.36.234/verify/index.htm.

Then, from the Mac OS X command line, I tried to telnet to that host, to see what would happen and here's what I got:

$ telnet 147.46.36.234
Trying 147.46.36.234...
Connected to insdel.snu.ac.kr.
Escape character is '^]'.
Connection closed by foreign host.
$

As you can see, rather than being the secure Paypal server in California, it's actually a site in Korea! Further investigation reveals that it's actually the Interdisciplinary Structural Design Laboratory at Seoul National University, news that I'm sure would be quite a surprise to the system administrators there!

Almost all of these phishing sites work the same way, taking you to Web sites referenced by numeric IP address, with no domain name mentioned at all.

Since these criminals are "fishing" for account information (imagine the consequences of blindly entering your actual account and password information to their system!), this sort of scam, which masquerades as real email from legitimate companies, is now known as "phishing".

Some of these phishing messages are quite ingenious: I've received a wave of messages that appear to be a communication from a buyer on eBay who is just notifying me that they've paid me for an item they won on auction. The purpose of the message is for me to click the "reply" button, log in to "ebay" (it's not eBay, of course, it's the scam Web site collecting account information) and then doubtless get an error message to keep me from being too suspicious.

Here's how you can avoid being caught by these phishing messages: never click on a link in an email message. If you were to get a legit message from Paypal, eBay, Wells Fargo, Citibank, TCF, whomever, simply go to your Web browser and type in the address of the company Web site. Then log in as normal and check to see if there are any messages or other indications that there really is a problem. I'll bet that there isn't anything wrong at all.

After all, given how many of these annoying phishing messages are sent now, do you really think that these companies are going to send real messages and confuse their customers?




Comments

I bet these emails fool a ton of people, they look very official. I just saved a girl I work with from falling for one of those as she was just about to enter her personal info, credit card info etc.

Posted by: D. Trainor at May 8, 2007 6:26 PM

© 2002 - 2010 by Dave Taylor. All Rights Reserved.
