update@paypal.com... fraud

Discussion in 'General Chat' started by jameskon, Dec 19, 2006.

  1. #1
    got a mail from regarding my account being suspanded...

    intresting thing was the id i got it on doen't have a paypal account:D

    int resting thing is how can they send it from @paypal.com :confused:




    is there any hacking trick involved
     
    jameskon, Dec 19, 2006 IP
  2. salmonbones

    salmonbones Well-Known Member

    Messages:
    331
    Likes Received:
    18
    Best Answers:
    0
    Trophy Points:
    130
    #2
    look up the term 'phishing' !
     
    salmonbones, Dec 19, 2006 IP
  3. fsmedia

    fsmedia Prominent Member

    Messages:
    5,163
    Likes Received:
    262
    Best Answers:
    0
    Trophy Points:
    390
    #3
    it's very easy to spoof, anyone can do it....

    there are dozens of other posts like this one already, we know...
     
    fsmedia, Dec 19, 2006 IP
  4. krakjoe

    krakjoe Well-Known Member

    Messages:
    1,795
    Likes Received:
    141
    Best Answers:
    0
    Trophy Points:
    135
    #4
    off the top of my head

    mail("you@youremail.com", "PayPal Account Suspended", "Blah blah, go to this page and give me all your details", "From: PayPal <update@paypal.com>\n\n");

    Will produce an email that seemingly comes from paypal, however a close look @ headers will reveal similar to :

    Return-path: <xxxx@host.7log3.net>
    Envelope-to:
    Delivery-date: Tue, 19 Dec 2006 18:25:26 +0900
    Received: from xxxxxxx by host.7log3.net with local (Exim 4.52)
    id 1GwbDy-0002mv-3k
    for ; Tue, 19 Dec 2006 18:25:26 +0900
    To:
    Subject: PayPal Account Suspended
    From: PayPal <update@paypal.com>
    Message-Id: <E1GwbDy-0002mv-3k@host.7log3.net>
    Date: Tue, 19 Dec 2006 18:25:26 +0900

    However all email headers can also be spoofed
     
    krakjoe, Dec 19, 2006 IP
  5. jameskon

    jameskon Well-Known Member

    Messages:
    2,415
    Likes Received:
    26
    Best Answers:
    0
    Trophy Points:
    175
    #5
    if thats the case it can fool up innocent ppl easy... thats totaly fraud
     
    jameskon, Dec 19, 2006 IP
  6. krakjoe

    krakjoe Well-Known Member

    Messages:
    1,795
    Likes Received:
    141
    Best Answers:
    0
    Trophy Points:
    135
    #6
    yeah it is, you'll normally find these emails are sent from poorly managed free hosting servers, experienced admin know how to stop people trying to spoof email headers and there are plenty of ways to stop it, but a lot of the time free webhosts consist of a guy with a reseller account and not a lot of anything else ( including any idea about what's going on ), and so phishing sites and spoof emails are born, when you open emails if it ever looks suspicious compare the headers to a mail you have recieved before, if you're still unsure, contact the company whoever they are and send them the message + headers to review, even if it says urgent, they'll be happy to wait while you verify they are who they claim to be......
     
    krakjoe, Dec 19, 2006 IP