Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Wednesday, March 01, 2006

Paypal Phishing Contest

I’m not sure why, but this week almost half my Email has been some kind of PayPal phishing scheme. I’m thinking there must be an online PayPal Phishing contest for hackers.

The subject lines vary but all have some kind of connection to PayPal. Just today I received multiple copies of the subject lines below to Email account that have no connection to PayPal.  They’re all bogus.  If you want to check your PayPal account, go there directly, not by clicking on an Email link.

PayPal Email ID PP321
Notification of Limited Account Access (Routing Code: C840-L001-Q190-T1812)
Notification of Limited Account Access
Update your PayPal account
Confirm your PayPal account
Question from PayPal Member

Under the good news headlines are reports that AOL continuing to aggressively go after organized Phishing groups. Click Here for more.

Share on Facebook


Anonymous Anonymous said...

Bill I’ve been going through the same onslaught. It seems like it comes and goes like a tide.

I just wish that PayPal and the credit card companies would help us out by setting up some honey pot card numbers and accounts that we could give these guys.

I usually go to their sites and give them a bunch of junk. You know false account number, name, and such. If most of the stuff they got was bogus it would really hamper them from doing their nasty business. Once an account tries to use incorrect credit card numbers or account logons it gets flagged and shut down rather quickly. But when only real people respond and give these guys real information then the have what they need to strike before anyone can find out. What they do is really like gorilla warfare. Strike hard, fast, and be gone before anyone catches on to stop them. If they couldn’t trust most of the data they got and had no way to test it that wouldn’t cause them to be detected it would make their goal much harder to achieve.

Even better would be a select group of advanced users who would be given special account information that would tip off the credit card companies or PayPal to an attempted fraudulent account transaction. That way they could follow what happened and freeze the account in question BEFORE they could do much damage. I know that I get at least 5 or 6 of these things a week and when it’s busy (like the last few days) maybe 25 or 30. It would sure be fun to know that I was polluting their well.

I guess this would be a kind of reverse SPAM back to the Phishers. If they got hundreds of false responses it would be hard if not impossible for them to sort them from the real ones. Just the thought brings a smile to my face.

12:18 PM  

Post a Comment

<< Home