The everyday blog of Richard Bartle.
12:04pm on Tuesday, 28th June, 2005:
I received an email just now saying "Jay Clark has just sent you $28.00 USD with PayPal". It was sent to email@example.com, which doesn't have a PayPal account (although I was pretty sure it was a scam anyway). Still, I followed the link to find out where it went.
It went to http://www.hubertuswochen.de/.www.paypal.com/login-run/index.html, though it tries to hide this by putting an image over the address line. It's a pretty good spoof.
The perpetrator is probably piggy-backing on some poor sod's hacked web site, but since the login.php script it runs is also on that site, police investigators should be able to track where the phished password and email address are going fairly sharpish — hopefully before too many people get taken in. I don't know what happens when you fill in the form with dud information, and I've no intention of finding out...
I forwarded the email to firstname.lastname@example.org.
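The link quoted above puts www.paypal.com in the path, while the host the browser actually contacts is www.hubertuswochen.de. As an added example (not part of the original post), the Python check below reports where a brand domain sits in a URL; it goes beyond the one case in the post to cover the userinfo and foreign-host variants of the same trick. The function name `classify_link` and every URL other than the one quoted in the post are constructed for illustration.

```python
from urllib.parse import urlsplit


def classify_link(url: str, brand: str = "paypal.com") -> str:
    """Report where `brand` appears relative to the host that is really contacted.

    Hypothetical helper for mail filtering or triage; not from the original post.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    brand = brand.lower()

    # Genuine: the contacted host is the brand domain or one of its subdomains.
    if host == brand or host.endswith("." + brand):
        return "genuine-host"

    # Anything before '@' in the authority is credentials, not the host.
    userinfo = parts.netloc.rpartition("@")[0].lower()
    if brand in userinfo:
        return "brand-in-userinfo"

    # Brand used as a label (or substring) of somebody else's domain.
    if brand in host:
        return "brand-in-foreign-host"

    # The case from the post: brand appears only after the first '/'.
    if brand in parts.path.lower() or brand in parts.query.lower():
        return "brand-in-path"

    return "unrelated"


if __name__ == "__main__":
    samples = [
        # URL quoted in the post
        "http://www.hubertuswochen.de/.www.paypal.com/login-run/index.html",
        # Constructed samples
        "https://www.paypal.com/signin",
        "http://www.paypal.com.login.example/index.html",
        "http://www.paypal.com@203.0.113.5/login",
        "http://example.org/news",
    ]
    for s in samples:
        print(f"{classify_link(s):22} {s}")
```

Any result other than `genuine-host` or `unrelated` means the brand name is present in the link but the credentials would be sent somewhere else.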
Copyright © 2005 Richard Bartle (email@example.com).