Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
RE: PayPal "security" measures
From: McAllister, Andrew (McAllisterAumsystem.edu)
Date: Mon Apr 04 2005 - 11:29:34 CDT
I followed up with Mr Rasmussen privately. I've been getting phishing
spam that looks to be from PayPal (nothing new there), but strangely
enough has NO visible attack vector. The phishing spam directs me to a
legitimate paypal page. I know it is a scam because, e-mail headers
indicate the mail has come from unknown hosts, and I've received
confirmation from PayPal that it is a scam.
I reported the "spoof" e-mail via this paypal link:
https://www.paypal.com/ewf/f=pps_spf. I got a response back about 24
I have no explanation for this legitimate looking but fraudulent e-mail
other than to suspect that phishers are laying groundwork for a
follow-up e-mail pointing to a phishing site instead of paypal.
Basically, getting victims accustomed to the look and feel of their
letter by pointing to paypal, then later sending them another
"identical" e-mail that points to the phishing site.
> -----Original Message-----
> From: Michael Rueve [mailto:rueveregioconnect.net]
> Sent: Sunday, April 03, 2005 9:30 PM
> To: Jeremy Rasmussen; bugtraq
> Has anyone here been able to contact this company and gotten
> any reasonable response (i.e. some real and competent person,
> not automated replies or replies that clearly tell you the
> person responding did not even read your request)?