The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Paypal Question or Serious Problem

Discussion in 'Database Discussions' started by Heratiki, Feb 20, 2005.

  1. Heratiki

    Heratiki Member

    Joined:
    Feb 20, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    This scared the ever living snot out of me too... I received this email today and almost finished it only to look up at the address bar and realize that it was something much worse...

    This site... (From CPanel Webhosting) Was were I was sent from a very legit looking email...
    http://64.246.58.100/~asblnnsm/pp/
    It looks like Paypal... Even sounds like Paypal... But can possibly steal your life away...
    Now that your scared.. Do you remember going here to reenter your Paypal info... Better get a new checking account because mine was just had for about 1300 dollars... Enjoy...

    Heratiki
    Jonathan M. Witmore

    BTW if you notice this is your site... Be prepared because the law has caught on too...

    HTML from Email




    %RANDOM2%
    Notice of Account Review Necessity

    Read this notice thoroughly and follow the instructions.


    --------------------------------------------------------------------------------

    Why did I get the notice?

    You have been sent this notice because the records of PayPal database indicate you are a current or former PayPal account holder. PayPal is conducting a periodic update of the database record. To ensure your account's security, it is important that you provide us accurate information. Please take a moment to verify the information we have on file. This notice provides instructions on how to confirm your PayPal account.

    --------------------------------------------------------------------------------

    What should I do now?
    We sincerely ask you, as a PayPal account holder, to login to your account and give us the necessary information. Complete the necessary verification tasks within 5 days, or your account might get temporarily suspended. Proceed with the link below.

    Click here to confirm your account



    --------------------------------------------------------------------------------

    We apologize for your inconvenience.

    Sincerely,
    PayPal


    --------------------------------------------------------------------------------

    Please do not reply to this email. Anything you send to this address cannot be answered. For assistance, login to your PayPal account and choose the "Help" link in the footer of any page.

    To receive email notifications in plain text instead of HTML, update your preferences here.


    %RANDOM3%
    Protect Your Account Info
    Make sure you never provide your password to fraudulent websites.

    To safely and securely access the PayPal website or your account, open a new web browser and type in the PayPal URL to be sure you are on the real PayPal site.

    For more information on protecting yourself from fraud, please review our Security Tips


    Protect Your Password
    You should never give your PayPal password to anyone, including PayPal employees.





    %RANDOM1%
     
  2. Heratiki

    Heratiki Member

    Joined:
    Feb 20, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    This scared the ever living snot out of me too... I received this email today and almost finished it only to look up at the address bar and realize that it was something much worse...

    This site... (From CPanel Webhosting) Was were I was sent from a very legit looking email...
    http://64.246.58.100/~asblnnsm/pp/
    It looks like Paypal... Even sounds like Paypal... But can possibly steal your life away...
    Now that your scared.. Do you remember going here to reenter your Paypal info... Better get a new checking account because mine was just had for about 1300 dollars... Enjoy...

    Heratiki
    Jonathan M. Witmore

    BTW if you notice this is your site... Be prepared because the law has caught on too...

    HTML from Email




    %RANDOM2%
    Notice of Account Review Necessity

    Read this notice thoroughly and follow the instructions.


    --------------------------------------------------------------------------------

    Why did I get the notice?

    You have been sent this notice because the records of PayPal database indicate you are a current or former PayPal account holder. PayPal is conducting a periodic update of the database record. To ensure your account's security, it is important that you provide us accurate information. Please take a moment to verify the information we have on file. This notice provides instructions on how to confirm your PayPal account.

    --------------------------------------------------------------------------------

    What should I do now?
    We sincerely ask you, as a PayPal account holder, to login to your account and give us the necessary information. Complete the necessary verification tasks within 5 days, or your account might get temporarily suspended. Proceed with the link below.

    Click here to confirm your account



    --------------------------------------------------------------------------------

    We apologize for your inconvenience.

    Sincerely,
    PayPal


    --------------------------------------------------------------------------------

    Please do not reply to this email. Anything you send to this address cannot be answered. For assistance, login to your PayPal account and choose the "Help" link in the footer of any page.

    To receive email notifications in plain text instead of HTML, update your preferences here.


    %RANDOM3%
    Protect Your Account Info
    Make sure you never provide your password to fraudulent websites.

    To safely and securely access the PayPal website or your account, open a new web browser and type in the PayPal URL to be sure you are on the real PayPal site.

    For more information on protecting yourself from fraud, please review our Security Tips


    Protect Your Password
    You should never give your PayPal password to anyone, including PayPal employees.





    %RANDOM1%
     
  3. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    699
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Sydney / Australia
  4. junglecat

    junglecat Well-Known Member

    Joined:
    Jul 6, 2004
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    I get variations of these all the time.

    The first rule of thumb, is... if they want you to click a link in the email, DON'T.

    Send paypal spoof mails (with headers) to spoof@paypal.com

    Likewise send ebay spoof mails (with headers) to spoof@ebay.com
     
  5. Heratiki

    Heratiki Member

    Joined:
    Feb 20, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    I just did the same thing and found that... My first instinct was to go to the IP by itself and the page displayed is one from cPanel... So I came here...
    I'm not out for cPanel just wanted to let ppl know is all...
    I joined this forum specifically to display this problem...
     
  6. Heratiki

    Heratiki Member

    Joined:
    Feb 20, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    I've already sent the email in duplicate to Paypal to check on... And like you I've seen variations... So I don't know...
     
  7. Heratiki

    Heratiki Member

    Joined:
    Feb 20, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Thank you for the quick response btw...
     
  8. HH-Steven

    HH-Steven Well-Known Member

    Joined:
    Aug 29, 2004
    Messages:
    284
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    This is not meant in any offence to you, but if you had actually read the email fully you wouldnt have been swindled like you have, and i quote from the email you received :

    "To safely and securely access the PayPal website or your account, open a new web browser and type in the PayPal URL to be sure you are on the real PayPal site."

    Now this isnt a difficult thing to do, takes 14 keyboard presses, 14 keyboard presses that would have saved you $1300

    Paypal will also quote you the last 2-4 digits of your account / credit card number and ask you to confirm the full number when logging in to complete updates to your account.

    Whilst i do have have sympathy for you and it is a terrible thing, maybe it will serve as a lesson to you and others who might read this topic.

    whenever your accessing a financial or personal account of any kind ALWAYS type in the full url manually and not by using shortcuts received in emails.

    (you will also notice the small padlock (ssl encryption) missing from the status bar of your browser aswell which is a dead giveaway)
     
  9. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    We get these all the time. Some Joe Job Blow signs up for an account, sets up a phishing scam and bam sucks people in. It only takes seconds. As you can see they don't even use the real domain they use the /~username/ method. If you're planing on going after the host, good luck, you'll get nowhere, unless they actively police their clients content.

    Never ever open a url such as that unless you have absolutely verified the information is correct. With the vulnerabilities out there ATM, i wouldn't be suprised if you clicked such a link in your browser and the correct looking address pops up in your address bar.. its not.

    Always err on the side of caution with such things, there are far to many people out there doing this these days, and very little if anything can and has been done.

    I've worked with paypal and ebay on multiple occasions with regards to these issues. They have very little if any regard for the host ( even if your bending backwards to help out ).

    In one instance, we turned off the account in question after it was brought to our attention via our provider at that time. The account was removed, however at least a half hour later the web site popped up again, however the domain was pointing to another IP. Paypal called up my provider told them the "site" was back up ( not on any of my IPs btw ), and asked for the site to be shut down ( server pulled ). This was a friday by the way. I then proceeded to explain the ordeal to my "paypal" contact at that time and they seemed very understanding of my situation however since it was the end of the day there was nothing she could to for me untill monday. For the love of god.. in this industry there time for waiting. Luckly i had talked the DC into allowing the server to be replugged after another exhaustive explanation.
     
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,472
    Likes Received:
    200
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Turn off HTML in email and read before you click. Problem solved.

    These scams are old. Sorry for your loss but you have been warned on the paypal site for a very long time, and by mail from them as well.
    Paypal Email Scams
     
  11. Heratiki

    Heratiki Member

    Joined:
    Feb 20, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Yeah I feel like an idiot for falling for it but understand what I got myself into... The money was taken through my check card and it being a VISA has a 0% Fraud Liability plan so that's not too much of my concern for right now... Just letting everyone know about it that doesn't know is a big one for me now... Thank you for all your responses and if we can figure out a way to get this stopped then that would be good as well...

    Jonathan Witmore
     
  12. HH-Steven

    HH-Steven Well-Known Member

    Joined:
    Aug 29, 2004
    Messages:
    284
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    I agree it would be nice, but the fact is that whatever precautions or preventions we take these people will always find a way around them or come up with something new.

    Just got to keep your eyes open and double check everything that involves personal information of anykind.
     
Loading...

Share This Page