E-mail fraud targets PayPal users - again

Another e-mail scam is doing the rounds, this one attempting to lure PayPal customers to fork over their account details under the pretext of increasing security.

Similar to a previous scam targeting PayPal customers and customers of banks the e-mail uses a deceptively constructed hyperlink in an attempt to trick people into entering their account details on a page that mimics the PayPal style, but does not belong to the company.

The e-mail reads: "Your As part of our continuing commitment to protect your account and to reduce the instance of fraud on our website, we are undertaking a period review of our member accounts." The incorrect grammar used is one hint the e-mail is fraudulent.

Readers are exhorted to click on a link reading "https://www.paypal.com/cgi-bin/webscr?cmd=verification", but which instead takes them to a page with the URL: "http://www.exme.us/~x/". By holding the cursor over the link in the body of the e-mail, the URL it directs to is shown in the display bar at the bottom of the e-mail client.

All the other links on the page point towards legitimate PayPal Web sites.

Advertisement

Talkback 2 comments

    This appears to some fraudster ...Mark Arena -- 24/06/03

    This appears to some fraudster trying to discredit eXme.org which is a different site and runs from a different machines as eXme.us. Even though both sites are exactly the same, the fraudster has just made an effort to discredit the eXme.org people.

    * Resolved www.exme.org to 80.92.65.10
    * Resolved www.exme.us to 203.22.204.92

    There is a clear difference in domain registerations also:
    Domain Name: EXME.US
    Domain ID: D4366646-US
    Sponsoring Registrar: ENOM, INC.
    Domain Status: ok
    Registrant ID: 7CDB55B23888B816
    Registrant Name: Role Acccount
    Registrant Organization: Globat, LLC.

    Registrant:
    tim (EXME-ORG-DOM)
    carey
    n9170 jordan st
    n9170 jordan st
    appleton, US 54915
    US
    920 733-8254
    920 733-8254
    jurcas@one.lt
    Domain Name: EXME.ORG

    eXme.us appears to be hosted off a machine at Globaldat.com, which is a web hosting company. I've emailed them and by far the best bet in catching this fraudster would be with the cooperation of globaldat.com in finding out where the credit card information is being sent to (most probally an email address) and also from where has the logins into Globatdat's servers come from.

    Regards
    Mark Arena

    Although it is not PayPals fau ...Anonymous -- 31/03/05

    Although it is not PayPals fault about this scam, it seems their site is not secure enough. I believe they are very slow in dealing with this problem. I advised them that somebody had got hold of my ID and changed it and had purchased goods and credited them to my paypal account. I advised them of this at the beginning of February but I have not been advised what they had done to recover my US29.95 fraudulently taken out of my credit card. I will not use PayPal again until this matter is cleared up and my account balance is back to NIL.

Add your opinion

Latest Videos

Sponsored content

Power Centre - Content from our premier sponsors

Blogs

  • Suzanne Tindal Love me, tender
    Considering how expensive and drawn-out tender processes can be to solve problems that might be very immediate, it's little wonder that the Victorian Police IT department tried to work the tender exemptions system.
  • Array 2009 funding drought rolls on
    For Australian start-ups looking for venture capital, 2009 was a very bad year. 2010 may be no better.
  • Array Can not-so-smart meters help the NBN?
    It was interesting to witness Conroy's recent enthusiasm to spruik the NBN's role in supporting the Smart Grid, Smart City initiative. What a pity that Conroy hadn't yet seen the damning report from the Victorian auditor-general about that state's smart-meter roll-out.
  • More blogs »

Tags

Back to top

Featured