E-mail fraud targets PayPal users - again

Similar to a previous scam targeting PayPal customers and customers of banks the e-mail uses a deceptively constructed hyperlink in an attempt to trick people into entering their account details on a page that mimics the PayPal style, but does not belong to the company.

The e-mail reads: "Your As part of our continuing commitment to protect your account and to reduce the instance of fraud on our website, we are undertaking a period review of our member accounts." The incorrect grammar used is one hint the e-mail is fraudulent.

Readers are exhorted to click on a link reading "https://www.paypal.com/cgi-bin/webscr?cmd=verification", but which instead takes them to a page with the URL: "http://www.exme.us/~x/". By holding the cursor over the link in the body of the e-mail, the URL it directs to is shown in the display bar at the bottom of the e-mail client.

All the other links on the page point towards legitimate PayPal Web sites.

• Related stories

• Alerts

Add your opinion

This appears to some fraudster ...Mark Arena -- 24/06/03

This appears to some fraudster trying to discredit eXme.org which is a different site and runs from a different machines as eXme.us. Even though both sites are exactly the same, the fraudster has just made an effort to discredit the eXme.org people.

* Resolved www.exme.org to 80.92.65.10
* Resolved www.exme.us to 203.22.204.92

There is a clear difference in domain registerations also:
Domain Name: EXME.US
Domain ID: D4366646-US
Sponsoring Registrar: ENOM, INC.
Domain Status: ok
Registrant ID: 7CDB55B23888B816
Registrant Name: Role Acccount
Registrant Organization: Globat, LLC.

Registrant:
tim (EXME-ORG-DOM)
carey
n9170 jordan st
n9170 jordan st
appleton, US 54915
US
920 733-8254
920 733-8254
jurcas@one.lt
Domain Name: EXME.ORG

eXme.us appears to be hosted off a machine at Globaldat.com, which is a web hosting company. I've emailed them and by far the best bet in catching this fraudster would be with the cooperation of globaldat.com in finding out where the credit card information is being sent to (most probally an email address) and also from where has the logins into Globatdat's servers come from.

Regards
Mark Arena

• Reply to comment
• Reply to story
• Report offensive content

Although it is not PayPals fau ...Anonymous -- 31/03/05

Although it is not PayPals fault about this scam, it seems their site is not secure enough. I believe they are very slow in dealing with this problem. I advised them that somebody had got hold of my ID and changed it and had purchased goods and credited them to my paypal account. I advised them of this at the beginning of February but I have not been advised what they had done to recover my US29.95 fraudulently taken out of my credit card. I will not use PayPal again until this matter is cleared up and my account balance is back to NIL.

• Reply to comment
• Reply to story
• Report offensive content

• Just In

• Most Popular

• Most Discussed

Reader Services

Popular Topics

Essentials