wfitg Posted September 8, 2014 Report Posted September 8, 2014 For those who like to keep everything updated and patched: Security Fix: Swiftmailer 5.2.1 released http://blog.swiftmailer.org/ These days Spammers troll the Internet looking for venerabilities. Michael 1 Quote
Nelsa Posted September 8, 2014 Report Posted September 8, 2014 Sorry for offtopic but I got this e-mail in same time as you mention spammers.This guy make me cry and lough in same time.Well I'm also aware that not all internet users are advanced and many people actualy be came victim, but this is really so obviously. Here is thing; Today I got e-mail from "pay-pal"(offcouse on e-mail account which is not asociated with P.P) and from this e-mail account service@peypal.com with this title "Your account has been limited Pay Pal ID case xxxxx" and in that e-mail He put attachment which is .htm file and it is exactly copy of pay pal page and all links point to real pay pal site..etc but He ask from users to open that attachment, fill this form,save it and send back in e-mail (as you see it is exactly copy of pay pal page but opened through localhost) . Here is form,see link to file on localhost. And after fill this form (where he ask pay-pal e-mail ,pass,....)he ask you to save it and send back in e-mail as attachment Here is e-mail content ,it is exactlly same like pay-pal template but I had to remove some images due to forum restrictions. Dear customer , As part of our efforts to provide a safe and secure environment for the online community, we regularly screen account activity. Our review of your account has identified an issue regarding its safe use. We have placed a restriction on your account as a precaution. To lift the restriction we will require some further information from you. If, once we review your further information and we're confident that the use of your account does not present a safety risk to our service and customers, we'll be happy to reinstate your account. We have sent you an attachment which contains all the necessary steps in order to restore your account access. Download and open it in your browser. After we have gathered the necessary information, you will regain full access to your account. Please make sure you enter the information accurately, and according to the formats required.Fill in all the required fields. We thank you for your prompt attention to this matter. Very sincerely,PayPal Review Department Search PayPalSearch Log Out Help Security Centre My Account Overview Add Funds WithdrawTransfer to Bank Account History Basic Search Download History Resolution Centre View Open Cases Guides Profile Add or Edit Email Add or Edit Bank Account Add or Edit Credit Card Add or Edit Postal Address Send Money Request Money Merchant Services Auction Tools Products & Services Quote
Michael Posted September 8, 2014 Report Posted September 8, 2014 Lord Sugar had a email from Apple which was fraudulent: https://twitter.com/Lord_Sugar/status/508171877261787136 But they are easy to spot if you read and check the signs. I use InterWorx and our SpamAssassin is set-up very strict and I've not had any spam since. I used to get a lot of PayPal fraudulent emails but mike@ domain doesn't have access to the paypal account so I knew they was fake wfitg 1 Quote
Nelsa Posted September 8, 2014 Report Posted September 8, 2014 Well I get tons of similar e-mails mostly with links to phishing sites(like fake payoneer sites..etc) it is not unusal but this guy is genius,it doesn't send you link masked with anchor to some pay pal copyed phishing web site,no he send you .htm file which probably 90% ordinary users even doesn't know how to open or if they open it with default app(mostly editors) will see just source code, on the other hand who ever know what is .htm file and how to open it,also probably know how to recognize fakers. Here is for example e-mail I got for perfect money where you have link with perfect money url as anchor and real url http://prefectmony.com (without"e") which can be very hard to reckognize for ordinary user and considering very similar URL and web site copyed in details, I send warning to all my clients ,well they don't use https but most ordinary users don't look which protocol site use. Dear Customer,We notices suspicious login activity from the following IP addresses to your account ,141.0.118.173141.7.65.214For your protection , we have temporary deactivated your accountTo reactivate your account , please use trusted pc and go to Account Verification Management Here https://perfectmoney.is -(as you see this is real address of P.M but in this case it was anchor , and true link is http://prefectmony.com/browse.php?u=https%3A%2F%2Fperfectmoney.is&b=28&f=norefer)Sincerly, Quote
wfitg Posted September 9, 2014 Author Report Posted September 9, 2014 I like the ones that say they are from the FBI. heh... Nelsa 1 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.