Wednesday, August 12, 2009

Paypal Phishing Example

Let’s see if you can figure out which is the fraud in the screenshot:

Screenshot - 8_12_2009 , 11_10_58 AM

Screenshot - 8_12_2009 , 11_11_19 AM

If you haven’t guessed it by now it is the first one. It is a little hard to tell just by a screenshot. The one thing that definitely gives it away is your address bar. In the second screenshot you’ll see your address begin with http://www.paypal.com the first one begins with some weird looking address that looks nothing like something from. Other than the spacing of the website it looks like a pretty good copy of the Paypal login screen. Another difference is that one of the blue tabs running across the top are different. The fraud has “Developers” and the real one has “Shopping”.

The another difference you can’t see is that on the fraud page none of the links are clickable except for “Log In” button. If you run your arrow over them nothing happens. Of course you can enter information for your username and password which of course is what the bad guys want.

This is the original email this fraud was found through:

Screenshot - 8_12_2009 , 11_58_55 AM

Screenshot - 8_12_2009 , 11_59_35 AM

If you look at one obvious thing at the top is that the email address  is from a Yahoo.com account. Unless budget cuts at Paypal have forced employees to conduct business through web based email accounts this is a dead giveaway. Second of all Paypal clearly states that it will never email you to login. If you click on anywhere on the page it brings you to the fraud page I first showed you up top. If you get this email delete it immediately. If you suspect something is awry with your account login through the normal procedure which is to go through http://www.paypal.com and login as you normally would.

Technorati Tags: ,,,,

No comments: