[Full-disclosure] Another PayPal phishing scam

cumhur onat cumhuronat at gmail.com
Tue May 3 08:44:43 BST 2005 

how cant authorities do anything about this servers?

On 5/2/05, Julio Cesar Fort <julio at rfdslabs.com.br> wrote:
> 
> Today I received a fake message pretending to be from PayPal Security
> Center. The most intersting thing is that I don't even have a PayPal
> account.
> 
> The fake PayPal link points to a possibly compromised server in Spain
> (http://217.11.100.3/~cs/paypal/)
> 
> Regards,
> Julio Cesar Fort (julio at rfdslabs com br)
> Recife, PE, Brasil
> 
> www.rfdslabs.com.br <http://www.rfdslabs.com.br> - computers, sex, human 
> mind, music and more.
> 
> -- scam (in raw text) --
> Security Center Advisory!
> 
> We recently noticed one or more attempts to log in to your PayPal account
> from a foreign IP address and we have reasons to belive that your account
> was hijacked by a third party without your authorization. If you recently
> accessed your account while traveling, the unusual log in attempts may 
> have
> been initiated by you.
> 
> If you are the rightful holder of the account you must click the link 
> below
> and then complete all steps from the following page as we try to verify 
> your
> identity.
> 
> Click here to verify your account
> 
> If you choose to ignore our request, you leave us no choice but to 
> temporaly
> suspend your account.
> 
> Thank you for using PayPal! The PayPal Team
> Please do not reply to this e-mail. Mail sent to this address cannot be
> answered. For assistance, log in to your PayPal account and choose the
> "Help" link in the footer of any page.
> 
> To receive email notifications in plain text instead of HTML, update your
> preferences here.
> 
> PayPal Email ID PP697
> -- end of scam --
> 
> ________________________________________________
> Message
> sent using UebiMiau 2.7.2
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050503/d8c5c6df/attachment.html

Full-Disclosure is hosted and sponsored by Secunia.