Fake PayPal Website Out
Starting yet another hazy day, I launched my email client to check if there were any new emails. The feeling of receiving emails is always a happy thing because it feels comforting that someone out there cares or wonders about you.
As much as it pleases anybody to receive fan email or in my case, feedback of my blog or website, the emails sent to me were newsletters and invites. I got a newsletter from Thawte; company selling SSL certificates, and it’s weird because I don’t remember subscribing to them. The invites were interesting with one coming from Softnyx (Gunbound creators) asking if I’d like to BETA test their new fantasy game called, Raikon.
The second invite came from supposedly PayPal. Everything in the email down to the email address listed it as coming from PayPal themselves. However, one crucial mistake foiled this phishing scam.
The term phishing is used to described a scam by sending an email to an end-user with the representation that the email was send from a legitimate establishment, but the true intent is to gather personal information of the end-user with the intent to fraudulent use these information. ~ Symmetric Triangle
So let’s start this with a snapshot of the phishing email sent to my inbox. Click HERE to view image.
Even with close analyzation, it’s not really possible to identify the legit of this email. The address that this email came from was registered coming from a sender at PayPal themlseves. So with all this done, my curiosity prodding me since I ain’t a PayPal member, I just clicked on the link.
Soon later my browser launched and I was brought to the website. Now, if I was just a normal person who didn’t pay much attention to stuff like URLs or even bother installing a good antivirus engine, I’d be in big trouble. Click HERE and try to find out the reasons.
If you noticed, there’s a weird address just below the URL. It’s the official website address and if you look around the area, it’s inside a box. The box is almost the size of the URL area you type your address. Now ain’t that smart. But for some reason, that box wasn’t done up to actually cover the original address.
The next problem relates to practice of always installing and updating your antivirus engines. On that website, the moment it finishes loading, a trojan virus is inserted into your computer in the background. Thankfully for me, my antivirus picked the trojan up and warned me about it.
Trojans are a seemingly harmless program that hides a malicious virus, such as a password program that secretly allows a black-hat hacker to steal important data from your computer or in some circumstances, even crash your machine. Some even speculate that they might be able to control your webcamera connected.
So if you receive an email as before, either contact PayPal directly enquiring about any emails sent by them lately or just make sure you have a good antivirus engine. It also pays to be a little observant when surfing to websites involving any form of money transactions.
During the case of the Maybank website phishing scam, I heard that it was so great that even the URL was modified. Therefore, practice enquiring about fishy emails by contacting official companies and also make sure you have a good antivirus engine installed. And not all free antivirus engines are great.
Have something to say? Leave a comment