Paypal Question or Serious Problem

Heratiki

Member
Feb 20, 2005
6
0
151
This scared the ever living snot out of me too... I received this email today and almost finished it only to look up at the address bar and realize that it was something much worse...

This site... (From CPanel Webhosting) Was were I was sent from a very legit looking email...
http://64.246.58.100/~asblnnsm/pp/
It looks like Paypal... Even sounds like Paypal... But can possibly steal your life away...
Now that your scared.. Do you remember going here to reenter your Paypal info... Better get a new checking account because mine was just had for about 1300 dollars... Enjoy...

Heratiki
Jonathan M. Witmore

BTW if you notice this is your site... Be prepared because the law has caught on too...

HTML from Email




%RANDOM2%
Notice of Account Review Necessity

Read this notice thoroughly and follow the instructions.


--------------------------------------------------------------------------------

Why did I get the notice?

You have been sent this notice because the records of PayPal database indicate you are a current or former PayPal account holder. PayPal is conducting a periodic update of the database record. To ensure your account's security, it is important that you provide us accurate information. Please take a moment to verify the information we have on file. This notice provides instructions on how to confirm your PayPal account.

--------------------------------------------------------------------------------

What should I do now?
We sincerely ask you, as a PayPal account holder, to login to your account and give us the necessary information. Complete the necessary verification tasks within 5 days, or your account might get temporarily suspended. Proceed with the link below.

Click here to confirm your account



--------------------------------------------------------------------------------

We apologize for your inconvenience.

Sincerely,
PayPal


--------------------------------------------------------------------------------

Please do not reply to this email. Anything you send to this address cannot be answered. For assistance, login to your PayPal account and choose the "Help" link in the footer of any page.

To receive email notifications in plain text instead of HTML, update your preferences here.


%RANDOM3%
Protect Your Account Info
Make sure you never provide your password to fraudulent websites.

To safely and securely access the PayPal website or your account, open a new web browser and type in the PayPal URL to be sure you are on the real PayPal site.

For more information on protecting yourself from fraud, please review our Security Tips


Protect Your Password
You should never give your PayPal password to anyone, including PayPal employees.





%RANDOM1%
 

Heratiki

Member
Feb 20, 2005
6
0
151
This scared the ever living snot out of me too... I received this email today and almost finished it only to look up at the address bar and realize that it was something much worse...

This site... (From CPanel Webhosting) Was were I was sent from a very legit looking email...
http://64.246.58.100/~asblnnsm/pp/
It looks like Paypal... Even sounds like Paypal... But can possibly steal your life away...
Now that your scared.. Do you remember going here to reenter your Paypal info... Better get a new checking account because mine was just had for about 1300 dollars... Enjoy...

Heratiki
Jonathan M. Witmore

BTW if you notice this is your site... Be prepared because the law has caught on too...

HTML from Email




%RANDOM2%
Notice of Account Review Necessity

Read this notice thoroughly and follow the instructions.


--------------------------------------------------------------------------------

Why did I get the notice?

You have been sent this notice because the records of PayPal database indicate you are a current or former PayPal account holder. PayPal is conducting a periodic update of the database record. To ensure your account's security, it is important that you provide us accurate information. Please take a moment to verify the information we have on file. This notice provides instructions on how to confirm your PayPal account.

--------------------------------------------------------------------------------

What should I do now?
We sincerely ask you, as a PayPal account holder, to login to your account and give us the necessary information. Complete the necessary verification tasks within 5 days, or your account might get temporarily suspended. Proceed with the link below.

Click here to confirm your account



--------------------------------------------------------------------------------

We apologize for your inconvenience.

Sincerely,
PayPal


--------------------------------------------------------------------------------

Please do not reply to this email. Anything you send to this address cannot be answered. For assistance, login to your PayPal account and choose the "Help" link in the footer of any page.

To receive email notifications in plain text instead of HTML, update your preferences here.


%RANDOM3%
Protect Your Account Info
Make sure you never provide your password to fraudulent websites.

To safely and securely access the PayPal website or your account, open a new web browser and type in the PayPal URL to be sure you are on the real PayPal site.

For more information on protecting yourself from fraud, please review our Security Tips


Protect Your Password
You should never give your PayPal password to anyone, including PayPal employees.





%RANDOM1%
 

Heratiki

Member
Feb 20, 2005
6
0
151
I just did the same thing and found that... My first instinct was to go to the IP by itself and the page displayed is one from cPanel... So I came here...
I'm not out for cPanel just wanted to let ppl know is all...
I joined this forum specifically to display this problem...
 

Heratiki

Member
Feb 20, 2005
6
0
151
I've already sent the email in duplicate to Paypal to check on... And like you I've seen variations... So I don't know...
 

HH-Steven

Well-Known Member
Aug 29, 2004
284
0
166
cPanel Access Level
Root Administrator
This is not meant in any offence to you, but if you had actually read the email fully you wouldnt have been swindled like you have, and i quote from the email you received :

"To safely and securely access the PayPal website or your account, open a new web browser and type in the PayPal URL to be sure you are on the real PayPal site."

Now this isnt a difficult thing to do, takes 14 keyboard presses, 14 keyboard presses that would have saved you $1300

Paypal will also quote you the last 2-4 digits of your account / credit card number and ask you to confirm the full number when logging in to complete updates to your account.

Whilst i do have have sympathy for you and it is a terrible thing, maybe it will serve as a lesson to you and others who might read this topic.

whenever your accessing a financial or personal account of any kind ALWAYS type in the full url manually and not by using shortcuts received in emails.

(you will also notice the small padlock (ssl encryption) missing from the status bar of your browser aswell which is a dead giveaway)
 

haze

Well-Known Member
Dec 21, 2001
1,550
3
318
We get these all the time. Some Joe Job Blow signs up for an account, sets up a phishing scam and bam sucks people in. It only takes seconds. As you can see they don't even use the real domain they use the /~username/ method. If you're planing on going after the host, good luck, you'll get nowhere, unless they actively police their clients content.

Never ever open a url such as that unless you have absolutely verified the information is correct. With the vulnerabilities out there ATM, i wouldn't be suprised if you clicked such a link in your browser and the correct looking address pops up in your address bar.. its not.

Always err on the side of caution with such things, there are far to many people out there doing this these days, and very little if anything can and has been done.

I've worked with paypal and ebay on multiple occasions with regards to these issues. They have very little if any regard for the host ( even if your bending backwards to help out ).

In one instance, we turned off the account in question after it was brought to our attention via our provider at that time. The account was removed, however at least a half hour later the web site popped up again, however the domain was pointing to another IP. Paypal called up my provider told them the "site" was back up ( not on any of my IPs btw ), and asked for the site to be shut down ( server pulled ). This was a friday by the way. I then proceeded to explain the ordeal to my "paypal" contact at that time and they seemed very understanding of my situation however since it was the end of the day there was nothing she could to for me untill monday. For the love of god.. in this industry there time for waiting. Luckly i had talked the DC into allowing the server to be replugged after another exhaustive explanation.
 

Heratiki

Member
Feb 20, 2005
6
0
151
Yeah I feel like an idiot for falling for it but understand what I got myself into... The money was taken through my check card and it being a VISA has a 0% Fraud Liability plan so that's not too much of my concern for right now... Just letting everyone know about it that doesn't know is a big one for me now... Thank you for all your responses and if we can figure out a way to get this stopped then that would be good as well...

Jonathan Witmore
 

HH-Steven

Well-Known Member
Aug 29, 2004
284
0
166
cPanel Access Level
Root Administrator
Heratiki said:
and if we can figure out a way to get this stopped then that would be good as well...
I agree it would be nice, but the fact is that whatever precautions or preventions we take these people will always find a way around them or come up with something new.

Just got to keep your eyes open and double check everything that involves personal information of anykind.