Jump to content

New Paypal scam

gylman

By gylman
in Buy, Sell, Trade and Finds

 Share

Recommended Posts

gylman

gylman

Posted
Posted

In the last couple of days, I have had trouble wiht Paypal. Here are the details:

When I log onto Paypal, AFTER I enter my pasword, it asks for me to confirm with my full credit card number

Now, bear in mind that this occurs AFTER I log on, and comes when I type in www.paypal.com I the URL bar. I am not clicking on any icons to get to this paypal site.

I have uploaded a screenshot here.

http://www.brickshelf.com/gallery/gylman/A...aypalscreen.jpg

I cut out a bit of information from the screen, but the field in the credit card number includes the correct expiry date of my card, as well as the last 2 digits of my credit card. If someone has stolen this information from somewhere, it means there has really been a security breach already.

I personally thought this was not a scam, but I am just being cautious. If this is a scam, then it

Siegfried

Siegfried

Posted
Posted

I use PayPal extensively for my business and I have never seen anything like this. I don't think this is a scam though; PayPal do checks like this occasionally and FireFox is supposed to have good protection against this sort of thing. (I use Opera.) Since they know part of your number it seems unlikely that someone who already has your number would be able to intercept your PayPal login as well.

I do agree with your comment on Paypal tech support by the way. I have had a few issues in the past and they never were very helpful; most answers were obviously cut-and-pasted with half the the "advice" irrelevant. :-|

snefroe

snefroe

Posted
Posted

i think you're right, this is fishy, however, the technical staff of paypal should be able to tell you if this is real or not. any evasive answer from their part would be very weird. it's their policy, their action or it isn't and if it isn't, they should have taken action already.

in any case, i didn't get a request from them after having logged in.

6stud

6stud

Posted
Posted

Financial instituations will NEVER ask you to confirm anything with a credit card number. Probably what you have is a good web browser hijack. You may have a virus, malware. or spyware that changes certain web pages in this case paypal) to appear very close to the original. The information you provide is then sent out to hackers.

I would strongly consider the following:

1) Contact your bank and credit card issuers and notify them that your information may have been compromised. PayPal also. Check all your recent bank and CC activity.

2) Stop using you comupter for anything financial or personal information related. There may even be a key logger running.

3) Download and run AVG Free Antivirus and Lavasoft Adaware. After downloading (and you may even want to do this on another computer, then move the install files over on a USB drive or something), disconnect your computer form the Internet. Run full scans.

4) See what you turn up in the scans. Then run the scans again until you find nothing.

Stauder

Stauder

Posted
Posted
Financial instituations will NEVER ask you to confirm anything with a credit card number. Probably what you have is a good web browser hijack. You may have a virus, malware. or spyware that changes certain web pages in this case paypal) to appear very close to the original. The information you provide is then sent out to hackers.

I would strongly consider the following:

1) Contact your bank and credit card issuers and notify them that your information may have been compromised. PayPal also. Check all your recent bank and CC activity.

2) Stop using you comupter for anything financial or personal information related. There may even be a key logger running.

3) Download and run AVG Free Antivirus and Lavasoft Adaware. After downloading (and you may even want to do this on another computer, then move the install files over on a USB drive or something), disconnect your computer form the Internet. Run full scans.

4) See what you turn up in the scans. Then run the scans again until you find nothing.

Our firend here makes a good point. I reccomend doing this if you think it's a scam.

stauder

natelite

natelite

Posted
Posted

looks highly suspect. but i would just ignore it but change the password to your paypal's account. if they could access your card number they wouldn't need to request you to verify. so i would think the number is safe but the account, probably not but nothing a simple password change couldn't fix.

reason why i would advise going into panic mode is because to re-setup your accounts is a real pain.

btw, there are many forms of phishing. i sometimes receive bogus letter requesting for credit card no from a credit card company. i think it was aspire. do not ever trust aspire. they are fraudulent. check the BBB on them. you'll find a lot of complaints. not sure why they weren't prosecuted yet for fraud. stay safe and sign up CC with a proper bank or store.

Hinckley

Hinckley

Posted
Posted
In the last couple of days, I have had trouble wiht Paypal. Here are the details:

...sellers here in the last few days because of it.

Has anyone else run into this in the last little while? Is it real? Am I just being paranoid?

Thanks.

Forward the screen cap to their spoof department spoof@paypal.com. They're pretty quick and thorough with investigating those types of things.
Brick Miner

Brick Miner

Posted
Posted

wow, that's a tough one glyman... id say take the precautions 6studs recommended. this made me instantly log into my paypal account just too see if i had any trouble - nothing there for me.

good luck and keep us updated - BM

gylman

gylman

Posted
  • Author
Posted

OK, here is the answer.

It WAS REAL! Paypal actually wanted me to confirm my credit card. Bear in mind that they say that they will never ask for our credit card number, and that they will always address us by our first and last names. Neither was the case here!

Apparently there was some reason to be suspicious of my account.

The clue, of course, that this was real is that this was not me clicking on a button, but rather typing in the URL myself. Very hard to redirect that short of hijacking a DNS server.

Further, I had to LOG ON to get this message, and they knew which credit cards I had set up to PayPal.What are the chances of someone getting that info short of a catastrophic data security failure at Paypal?

You were right on Sinner.

Interestingly, I sent a copy of the page and the information to spoof@paypal.com, and they told me it was a spoof!!! Idiots.

The only way to figure this out was to call PayPal directly by phone (my cost for the LD call, but they were quick and efficient at least).

So, lessons learned all around.

Thanks to everyone who tried to help.

p.s.

That's Windows 2000 Maiq. The best operating system ever made by Microsoft. I refuse to use anything else. Last 2 PCs I bought I formatted the hard disk and removed XP and Vista.

Mikael Willberg

Mikael Willberg

Posted
Posted
The clue, of course, that this was real is that this was not me clicking on a button, but rather typing in the URL myself. Very hard to redirect that short of hijacking a DNS server.

Interestingly, I sent a copy of the page and the information to spoof@paypal.com, and they told me it was a spoof!!! Idiots.

Easy, just fiddle with hosts file and flush windows dns service, if I know how to do it there definitely are a lot of bad people who know it too. They are much smarter than average people. I do this very frequently for opposite reasons.

I think that the site certificate (and path) would be the easiest indication of the invalidity or the lack of the certificate.

Sheesh... What should have they done ? Deny everything ? Close your account and wish a merry christmas ? Sell some on-site support to clean up ?

Still thumbs up for not blindly trusting the website.

Mig

Siegfried

Siegfried

Posted
Posted
OK, here is the answer.

Thanks for the update. *sweet* I'm glad that I was right; not only because I like to be right, but also because if I was wrong then I would probably be caught out by this. Unfortuantly Paypal is very inconsistant with their tech help and I find it annoying that the spoof guys were over paranoid. Sad to say that makes them pretty much useless; it would seem that they just play it safe. Common sense can do that, what you want from them is educated common sense.

That's Windows 2000 Maiq. The best operating system ever made by Microsoft. I refuse to use anything else. Last 2 PCs I bought I formatted the hard disk and removed XP and Vista.

I am a Win2K fanboy too... but after years of resisting XPs "charms" Vista won me over. I was one of their beta testers and at the end of it I missed it too much. :-P The rest of my computer still run Win2K though.

Easy, just fiddle with hosts file and flush windows dns service, if I know how to do it there definitely are a lot of bad people who know it too.

How could they do that without admin access to your computer?

gylman

gylman

Posted
  • Author
Posted

It's not just a matter of access to the HOSTS file on my PC. This was happening from multiple PCs.

They would have to redirect whole swaths of internet traffic. Someone did that a few years ago, taking over part of the INTERNIC database... it was quite the thing.

Mikael Willberg

Mikael Willberg

Posted
Posted
... Multi quote seems to not quote everything...

That was one easiest thing that came in to my mind, as most of the people still use administrative accounts by default. Next one would be using normal ways to elevate permissions, most likely using unpatched components. It doesn't matter there are so many ways to compromise a computer. Another would be fiddling with routing DSL model that is NAT:ing. The list goes on and on.

It is pointless to talk this further here. Unappropiate bashing of PayPal support was my main point.

Mig

 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...