Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Wow- I Just Got An E-Mail From A Faux E Bay Site...

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » The DU Lounge Donate to DU
 
DemocratSinceBirth Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 03:34 PM
Original message
Wow- I Just Got An E-Mail From A Faux E Bay Site...
Yeah, fuckers*, I'll give you my credit card number..






*sorry for the profanity but that crap pisses me off
Printer Friendly | Permalink |  | Top
BattyDem Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 03:38 PM
Response to Original message
1. I got one last week from a faux PayPal site ...
Funny thing is, I don't even have a PayPal account!
Printer Friendly | Permalink |  | Top
 
DemocratSinceBirth Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 03:39 PM
Response to Reply #1
3. I Got The Pay Pal Thing Too...
eom
Printer Friendly | Permalink |  | Top
 
Maple Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 03:38 PM
Response to Original message
2. I also get them
from banks I've never heard of...just wanting to confirm my account number...or they're checking to see if recent fraud at the bank harmed my account. :D

People must actually go along with this stuff, or they wouldn't keep sending it out. :shrug:
Printer Friendly | Permalink |  | Top
 
Paranoid_Portlander Donating Member (823 posts) Send PM | Profile | Ignore Sat Jan-08-05 04:28 PM
Response to Reply #2
4. Even worse is a bank where you have an acct...
... complete with the bank's counterfeit logo in the e-mail. They wanted my acct number for "security" reasons, otherwise they will deny me access to my acct.
Printer Friendly | Permalink |  | Top
 
TreasonousBastard Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 04:29 PM
Response to Original message
5. Here's what you do...
Edited on Sat Jan-08-05 04:33 PM by TreasonousBastard
and I'll illustrate with one of many "phish" spams I get.

First, find the originating ISP. You do that by doing whatever you have to do in your email program to see ALL the headers you got, like this:

Status: U
Return-Path: <privacy@wamu.com >
Received: from Sender (<193.108.234.170>)
by aaron.mail.atl.earthlink.net (EarthLink SMTP Server) with SMTP id 1cDGtD4Nf3Nl3qa0
Sun, 12 Dec 2004 22:02:21 -0500 (EST)
Reply-To: <online.privacy@wamu.com >
From: "Washington Mutual" <privacy@wamu.com >
Subject: Important customer notification regarding Online Banking account
Date: Mon, 13 Dec 2004 05:02:23 +0200
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1081
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1081
X-ELNK-AV: 0

Dear Washington Mutual customer,

We recently reviewed your account, and suspect that your Internet Banking account may have been accessed by an unauthorized third party.
Protecting the security of your account and of the Washington Mutual network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive account features.

<...>


Then, see that line: "Received: from Sender (<193.108.234.170>)"

That's were the thing really came from, and I betcha it's not Washington Mutual Bank.

So, you got to http://www.iks-jena.de/cgi-bin/whois and don't worry about it being all in German-- it's one of the best lookup sites I've found.

Put the sender's number in the search box and the search will come up with the originator of the spam, amd it be in English. It will also usually show an "abuse" email. Forward the entire email to the "abuse" address and be SURE to include ALL headers.

In my case, the originator is Romanian, so they might care all that much, but many of them originate from here and western Europe. I have had good responses from many ISPs that don't want their clients doing this sort of thing. Most investigate, although they won't tell me what ultimately happened.

It's possible that a good hacker can even spoof that address, or just use them as a relay, but it's only the individual ISPs that have the means to track this stuff down. And, most of them hate it is much as we do, so they are motivated.

On edit-- there are Federal spooks who are looking into "phishing" but I have'nt bothered with them so far. I've been leaving it up to the ISPs to notify the Feds. I'm not sure they have, but I have only so much time to deal with this.



Printer Friendly | Permalink |  | Top
 
miss_kitty Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 04:33 PM
Response to Reply #5
8. I would also forward them to the real company
They can take some action too.
Printer Friendly | Permalink |  | Top
 
TreasonousBastard Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 04:42 PM
Response to Reply #8
9. I've done that...
but I have been assured that with the bazillions of phish spams that go out, the companies know what's happening. It's one of the hottest security issues in the financial world for a year or so now.

eBay and PayPal have had their customers hit so hard, they have special teams rooting this stuff out. Sometimes, they see it before we do.
Printer Friendly | Permalink |  | Top
 
Skittles Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 05:19 PM
Response to Reply #5
11. what sort of things do you normally have to do to see those headers?
nt
Printer Friendly | Permalink |  | Top
 
TreasonousBastard Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 08:24 PM
Response to Reply #11
13. Depends on your email software...
I use Eudora, which has a "blah, blah, blah" button that shows that stuff you normally don't want to see when reading email. Some webmail gives you all the headers whether you want them or not, and other email programs have their own ways-- check the help files on your software and look for the keywaord "headers"

Printer Friendly | Permalink |  | Top
 
sundog Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 04:31 PM
Response to Original message
6. give your credit card # to site 89.345.9.87
:eyes:

Write ebay a letter & complain. I did it before.
Printer Friendly | Permalink |  | Top
 
lgw1 Donating Member (7 posts) Send PM | Profile | Ignore Sat Jan-08-05 04:31 PM
Response to Original message
7. Make sure to notify Ebay
It might be a new iteration of a phishing email. You might catch one early on! I report them all.
Printer Friendly | Permalink |  | Top
 
Skittles Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 05:17 PM
Response to Original message
10. report it IMMEDIATELY
nt
Printer Friendly | Permalink |  | Top
 
Whoa_Nelly Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 05:21 PM
Response to Reply #10
12. To report/send fake emails re: eBay or PayPal
Edited on Sat Jan-08-05 05:21 PM by Whoa_Nelly
Do not open the mail.
Forward such emails to

spoof@ebay.com

or

spoof@paypal.com

Printer Friendly | Permalink |  | Top
 
KG Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-08-05 08:27 PM
Response to Original message
14. i just delete them.
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Fri Nov 28th 2014, 06:28 PM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » The DU Lounge Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC