StarDestroyer.Net BBS

Darth Wong wrote:Unfortunately, schemes like this don't have to fool everyone. If a scheme like this works on 0.1% of the people who receive it, the crooks are laughing all the way to the bank. That's what's so awful about Internet scams.

DPDarkPrimus wrote:Also, clicking on the link to "update my info", I noticed the URL wasn't actually PayPal.com...

Darth Servo wrote:Seen it plenty of times. They often have urls in them that link to a page that looks like paypal but the actual address is completely different.

This is right along side the "representative of the bank of Nigeria" scams.

Ted C wrote:

DPDarkPrimus wrote:Also, clicking on the link to "update my info", I noticed the URL wasn't actually PayPal.com...

You clicked the link? That could be bad. Hope you've got a good spyware filter running, because there's no telling what you might have downloaded if you don't. You should probably run a scan, just to be on the safe side.

General Zod wrote:It's somewhat more clever at least. Most people have used Paypal, or are familiar with the various banking companies that are used by scammers. On the other hand how many people have any type of connection to Nigeria whatsoever?

bilateralrope wrote:I'm just waiting for one of these scams to actually pretend to be from my current bank. Or at least a New Zealand bank as my email address is .co.nz.

Received: from 66.113.130.225 ([172.18.12.132])
by vms043.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 (built Apr
3 2006)) with ESMTP id <0JCQ00CZOCSVUKA0@vms043.mailsrvcs.net> for
XXX@XXX.XXX; Wed, 31 Jan 2007 05:19:44 -0600 (CST)
Received: from lsh134.siteprotect.com (66.113.130.225)
by XXX@XXX.XXX (MailPass SMTP server v1.2.0 - 112105154401JY+PrW)
with ESMTP id <4-14985-81-14985-6-1-1170242562> for XXX@XXX.XXX;
Wed, 31 Jan 2007 05:22:43 -0600
Received: (from meacsports@localhost) by lsh134.siteprotect.com (8.11.6/8.11.6)
id l0VBJhG07362; Wed, 31 Jan 2007 05:19:43 -0600
Date: Wed, 31 Jan 2007 05:19:43 -0600
From: PayPal <service@paypal.com>
Subject: Please Update Your Billing Information
X-Originating-IP: [66.113.130.225]
To: XXX@XXX.XXX
Reply-to: service@paypal.com
Message-id: <200701311119.l0VBJhG07362@lsh134.siteprotect.com>
MIME-version: 1.0
Content-type: text/html
Content-transfer-encoding: 8bit


Protect Your Account Info

Make sure you never provide your password to fraudulent websites.

To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal URL (https://www.paypal.com/us/) to be sure you are on the real PayPal site.

(Note that it even warns you to make sure you are going to a legitimate site!)

PayPal will never ask you to enter your password in an email.

To learn more about protecting yourself from fraud, visit the Security Center. Click "Security Center" on the bottom of any PayPal page

Protect Your Password

You should never give your PayPal password to anyone, including PayPal employees.

Update Your Information !

(Separated exclamation mark looks funny, but there's more...)

Dear PayPal Member,

Unusual account activity has made it necessary to limit sensitive account features until additional verification of information can be collected.

Case ID Number: PP-931-307-389

You must click the link below and enter your password on the following page to confirm your billing information.

Click here to restore you account access

(Actually, this goes to "+http://www.ardcg.com/exponent-096/views ... _login-run#" and the 2 other links provided in the mail where it says to go or to click "here" or whatever go to exactly the same place.)

All restricted accounts have their billing information unconfirmed, meaning that you may no longer send money from your account until you have update your billing information on file.

We apologize for any inconvenience.

Sincerly,
PayPal Account Rewiew Departament.

(THREE spelling errors!)


--------------------------------------------------------------------------------

Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and choose the Help link located in the top right corner of any PayPal page.

To receive email notifications in plain text instead of HTML, update your preferences here.


--------------------------------------------------------------------------------

PayPal Email ID PP059

FSTargetDrone wrote:The italicized text in parentheses above is mine. It is of course painfully obvious that it is bogus as I have no PayPal account with the e-mail address this was sent to. I have no doubt that were I to click on the links provided in the mail, I would be sent to a very authentic-looking but completely fake "PayPal" site that wants my Social Security number, credit card numbers, etc.

FSTargetDrone wrote:The "+www.ardcg.com..." links are evidently connected to a Malaysian company called "ARD Consulting Group (M) Sdn Bhd" whose website claims it provides "security" services. That may well be true, but there is no way in hell I would accept that as a legitimate link to click in an e-mail claiming to be from PayPal. Certainly not from an official company e-mail that has 3 obvious spelling errors.

Ted C wrote:In addition, it would probably attempt to install spyware on your computer and put your email address on a "sucker list" for sale to other spammers.

It's also possible that ARD Consulting Group is a legitimate business with poor computer security (hopefully not the "security" service they're selling). It's quite possible that some spammer compromised one of their servers and installed software to send and handle these messages.

ARD Consulting Group is a value added distributor focusing on providing best of breed security solutions via strategic partnerships with organizations keen on establishing their presence in Malaysia. Since 2001, these solutions have provided or enabled our channel partners to use them as a source of competitive advantage.

Our solutions could be generally grouped into 4 categories:

* End point security
* Application security
* Perimeter security
* Data / Information security & availability

We believe that these solutions will enable organizations to secure key applications faster, provide better manageability and create a more resilient infrastructure. To enable us to drive these solutions through to our value customers we realize the importance of securing key vertical market accounts and continuously strengthen our relationship with channel partners.