Jump to content
Have You Played Atari Today?
2600|5200|7800|Lynx|Jaguar|Forums|Store
IGNORED

Fake Paypal site

Paul Slocum

By Paul Slocum
in Auction Central

 Share

Recommended Posts

Paul Slocum Stargunner

Paul Slocum

Posted
Posted

Do NOT log into this Paypal site. I got an e-mail this morning saying I needed to log into my Paypal account to confirm it with a link to this fake Paypal page. I called the ISP on the phone this morning and e-mailed Paypal, but it's still up. I can't believe the ISP hasn't shut it down yet.

 

http://paypal.com@207.150.221.93/ws-paypal.../?accountupdate

 

-Paul

Link to comment
Share on other sites
CosmicJoke Moonsweeper

CosmicJoke

Posted
Posted

That is a seriously dangerous(financially) site! Has anyone informed the real PayPal?

 

jahfish

quote
would be great is everybody on the board registers 10 or 20 different accounts there  

 

I took your suggestion and registered about 10-15 different accounts. I made them seem pretty realistic. I hope they try logging on with'em!

Link to comment
Share on other sites
Atari2600Phreak Space Invader

Atari2600Phreak

Posted
Posted

The site's still there. The accounts are being sent to a drop box:

 

input name="FROM_EMAIL" type="hidden" value="admin@yougotmail.com"

input name="inputs" type="hidden" value="mail,pass,"

input name="toEmail" type="hidden" value="freedom2@atrevete.com"

input name="subject" type="hidden" value="You've got mail Baby!"

input name="redirect" type="hidden" value="http://207.150.221.93/ws-paypal1c/secureverify/"

 

Now I wouldn't advocate this, because it'd be mean and probably illegal, but wouldn't it be a shame if freedom2@atrevete.com were subscribed to about 100 or so free pr0n lists, so that the box would become full, and the accounts harvested would start bouncing. (I don't read enough Spanish to be sure, but it looks like atrevete.com provides a free email service.)

 

The red flags are pretty obvious for an experienced user: no SSL, URL containing "@" (one learns quickly after one goatse link!), but for a relative newbie, this is death on wheels.

 

[ 05-26-2002: Message edited by: Atari2600Phreak ]

Link to comment
Share on other sites
KAZ Stargunner

KAZ

Posted
Posted

The first site is fake, but yeah, it seems to link to the REAL paypal secure site.

 

The makers of the fake site, then, are after people's login names, and passwords.

 

That's how it looks to me. You could even probably still "send money" to people using the fake site, because it links to the real one. Sneaky bastards.

 

Am I correct on this?

Link to comment
Share on other sites
KAZ Stargunner

KAZ

Posted
Posted

I tried logging into the fake paypal site, using NO login name or password....

 

It says something like:

 

Your account has been verified, you may now continue using Paypal.

 

I got a security certificate warning about the site too, meaning it wasn't from the real paypal site.

 

It does kinda make me mad that people keep trying to **** other people over like this.

Link to comment
Share on other sites
Philflound River Patroller

Philflound

Posted
Posted

Yes, that is the intention. Unsuspecting people will log in their real user id and password, then the hackers will just take all of their money, change their password, and possibly get access to their bank account. Damn internet is beginning to annoy me. I'd use bad words, but I'm going to keep it clean.

 

Phil

Link to comment
Share on other sites
weaselbrains Star Raider

weaselbrains

Posted
Posted

What this site is doing is stealing the images and layout from the real PayPal site and using a form that emails people's user Id and password to the owners of the site when someone tries to log in.

 

Emailing the ISP and trying to have the site shut down is a good step, but how many people's IDs and passwords do you imagine they have obtained already?

 

It might take a day or two for the ISP to get around to shutting the site down, and in that time they might receive a bunch of people's IDs and passwords - meaning they can drain their PayPal accounts.

 

I think the best way would be to email freedom2@atrevete.com with huge attachments in the hope that they will push the inbox over its size limit and stop it from receiving anymore PayPal account details.

 

Signing into their site with fake PayPal details is not going to do that much because it will only take them 2 seconds or so to check whether they are fake or not.

 

I wonder how many people have entered their real details into this page already.

 

mitchell

Link to comment
Share on other sites
Guest cvo

Guest cvo

Posted
Posted

Good news/update:

 

I did a little bit of homework to find out as much as I could about the scab(s) running the fraudulent PayPal site, and I discovered that the site being used to run the script was off of http://wwwtoolz.com/form2email/form2email.asp

 

I emailed the sys admin regarding the situation, and he was very very cool about it and took immediate action. He blocked off their ability to the login email from their webpage, and contacted their web host (http://www.winsave.com). So now if you go to the original fraudulent PayPal site (http://paypal.com@207.150.221.93/ws-paypal1c/secureverifyn/?accountupdate), you will see that if you click on the "Login" button, you will get an informative message/alert. I did as much as I could, and now it's up to PayPal to do some work. Of course with PayPal's customer service history, I doubt much will be done.

 

Ciao,

Carolyn

Link to comment
Share on other sites
Albert Quadrunner

Albert

Posted
Posted

Awesome! However, I'm really dismayed at how long it took for this site to shut down. I really hope too many people didn't get suckered into this, although I have little doubt that some people are now wondering what the hell happened to the money in their checking account. Another good reason not to link your primary checking account to PayPal..

 

..Al

Link to comment
Share on other sites
Guest cvo

Guest cvo

Posted
Posted

Hey again!

 

You can actually still get to the fraudulent site via the following URL:

http://paypal.com@207.150.221.93/ws-paypal...ex.html.changed

 

However, if you click on the "Login" button, you will get the following nifty message:

 

"While submitting your form, we found the following errors:

 

THIS USER WAS USING THIS PAGE TO FALSELY AQUIRE PAYPAL ACCOUNTS. WE HAVE CANCELED THEIR ACCOUNT, AND CONTACTED THE PROPER AUTHORITIES. FOR MORE INFO, CONTACT SENIORHEFF@ATTBI.COM. THANKS, WWWTOOLZ STAFF."

 

Eeeeexcellent, Smithers....

 

Ciao,

Carolyn

Link to comment
Share on other sites
Noble Kale River Patroller

Noble Kale

Posted
Posted

those bastards. I arrived too late to help it would seem.

Congratulations and thanks to everyone who helped stop this site. Now we just have to wait for the fallout....

 

Just goes to show, this community (AtariAge) is not to be screwed with. We dealt with that fake rare cart bastard, and we just dealt with this...

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
AtariAge
Forums
Store
General
Follow AtariAge

Copyright ©1998-2023 AtariAge

×
×
  • Create New...