This is quite a serious issue that everyone should be fully aware of.
What is Phishing ? Well basically it's a scam designed to steal sensitive personal information.
Read Here for more information
These type of "attacks" tend to come form addresses that you could almost trust with subjects that sound possible.
Here's an example of one I received today from
[email protected]
with the subject
Re: PayPal Security Alert: Message id 3868355
Ok so it all looks OKish.
Once the mail is opened it all set out to look like a real paypal mail.
The text of the mail also sounds right:
Your PayPal password has been changed.
If you or anyone with authorized access to your account did not make this change, please update to your account Online account can be confirmed at any time clicking here:
Respond to this notification.
Our database will be instantly updated.
The Password Change request was made from:
IP address: 40.16.60.868
ISP host: sjclb789-map647.sjc.ebay.com
Thank you,
PayPal
From here on you are asked to follow an inbedded link that takes you to what looks like paypals own site.
Here is where they attempt to steal your info.
So time to point out some tell tail signs.
Note the from address is
-paypal.com, the subject is a
Re: a reply and the best one is the so called IP address.
It is
impossible for any number in the IP address to be more than 255 so ending 868 is really bad.
Of course if these pointers haven't allerted you then the address that it sends you to should. The address tends to be oddly formatted.
It starts OK with the normal
www.paypal.com but then degenerates in to seemingly meaningless characters. This is the real address.
There is an underling fault in the way the WWW is coded where by the insertion of a perticular character tells your brower to ignore the first part (
www.paypal.com) and direct you to the second part (random charcters). These characters contain all the needed information to redirect you to the scammers site.
To cap it all this phisher even has the gaul to post Paypals scam warning on the bottom:
* Protect yourself from spoof (fake) emails and Web sites. Take the Spoof Tutorial to learn about eBay Toolbar with Account Guard, which warns you when you are on a known spoof site.
Learn how you can protect yourself from spoof (fake) emails at:
http://pages.paypal.ca/education/spooftutorial
These type of mails don't just come from Paypal, but any site where personal information is needed.
Some pretend to be Banks, Insurance agents, Ebay and Other financial companies.
So as a word of warning if you ever receive a mail of this type and it looks real then
DO NOT follow the link supplied, but log in to your account the way you normally do.
If it is real then you'll be notified on the site.
It always pays to be careful and surf safe
Now where did I put my
Tinfoil hat