Skip to page content or Skip to Accesskey List.

Work

Main Page Content

Paypal Users Beware

Rated 3.96 (Ratings: 8)

Want more?

  • More articles in News
 
Picture of Jeff Howden

Jeff Howden

Member info

User since: 14 Dec 1998

Articles written: 21

PayPal has generally been very good about security, even going so far as to warn users upon practically every visit to the site to never share their password with anyone. However, this latest scam involving PayPal could fool even the most clued-in of Internet users.

The scam arrives in your inbox appearing as an email from PayPal support. Here's how it reads (all spelling, punctuation and grammar errors were present in the original email):

From: "Paypal.com"

To:

Subject: Your Paypal.com Account is on HOLD

Date: Wed, 1 May 2002 08:48:51 +0500

Reply-to: "Paypal.com"

Dear Sir,

We regret to inform you that due to system failure we have lost our backups of all accounts, so most of accounts are on HOLD status, including yours, if you want to continue our service without any trouble, then you are advised to please go to following Paypal.com page and enter your information, so that we can update your account information.

Please go to: http://www.paypal-inc.com (New window will open)

If you do not want to enter information, then your account will be automatically DELETED after 3rd May 2002

We really appreciate your help in this mater.

Regards,

David John

Head Customer Support Department

Paypal.com

I performed a WHOIS of the domain in the link itself (notice it's different than the one in the text) and found that the owner of the domain co-inc.com is based in Hong Kong. If you follow this link, you'll notice that the page is a very close duplicate of PayPal's home page. In fact, the scam artists simply saved PayPal's homepage using Internet Explorer's "Save complete webpage" feature, put the images up on a Brinkster.com account, and changed the layout of the fake page slightly to give their own login form more prominence. Any unsuspecting visitor would unknowingly be sending their information to these scammers who are bound to transfer any funds they find to another account.

Just goes to show that we should all pay very close attention when dealing with these matters online.

.jeff

Jeff Howden (.jeff) is a web developer working for Vos & Howden, LLC in Portland, Oregon where he's partnered with long-time colleague, Anthony Vos. His skills include ColdFusion, JavaScript, CSS, XML, relational databases, and much, much more. His biggest professional accomplishments include, but are not limited to:

  • building a ColdFusion-based e-commerce solution for Mt. Bachelor that transacted over $1.62 million dollars in September 2001 with 0 (yes, that's zero) ColdFusion errors and then an almost completely rebuilt version transacted $2.86 million dollars in September 2002.
  • being asked to be a Technical Editor for the ColdFusion MX book, Inside ColdFusion MX from New Rider's Publishing company.
  • being asked by BrainBench to perform quality control on their JavaScript 1.5 certification test after receiving the highest beta test score out of 200 testees.
  • managing the server that hosts evolt.org and withstanding a slashdotting that brought over 1,000,000 hits to the site, over 10 gigs of data transfer, and an average in excess of 2300 unique visitor sessions per hour, all within a 24-hour period and the server never hiccuping once.

The access keys for this page are: ALT (Control on a Mac) plus:

evolt.org Evolt.org is an all-volunteer resource for web developers made up of a discussion list, a browser archive, and member-submitted articles. This article is the property of its author, please do not redistribute or use elsewhere without checking with the author.