There is a new and sophisticated Paypal phish scam starting to spread on the internet. The information that follows has come from various folks who share information regarding phishing (thanks Peter).
Paste starts here...
The complete URL is:
http://www.google.pt/url?sa=U&start=4&q=http://dns1.n-kiso.co.jp/.checking/.
www.paypal.com/index.php.
Which goes to:
http://dns1.n-kiso.co.jp/.checking/.www.paypal.com/index.php
When the link "Click here to go to our main page "
It will open a javascript: "java script: Start('sysdll.Php')"
When opened it will construct the fraudulent website according to your
default browser.
I've tested with:
- Firefox
- Internet Explorer
- Opera
All latest versions with all relevant patches.
The fake adressbar used may trick someone into thinking that they are
actually on https://www.paypal.com. Watch and observe. This is indeed tricky
done.
Paste ends here ...
Folks, as always, never open a link in an email UNLESS you know what you are doing and you know where it will go. No reputable financial institution or government agency will ever send you emails requiring you to visit any site and verify personal information.
Surf smart, surf safe
Rich
Dogsoldier.com
Subscribe to:
Post Comments (Atom)
2 comments:
Not quite what came to me, but close enough "http://2113635650/image/paypal/error.html" leeds to a "click here" which is javascript:Start('sysdll.php')
Thanks for your comments.
Please bear in that the referenced phish site was active at the time of the original post (11/2005). phish sites rarely stay on the air at the same IP for more than 1 - 3 days.
Post a Comment