Saturday, 5 January 2008

Phishing Warning !!

Guess what ?! I have been PHISHED !!!! The cheek of it !!!

Given what I used to do for years (!) - we have as many protections on our PCs as possible. Anti everything I can think of.

Even so, this morning I found an e-mail from "security@PayPal.com" telling me my PayPal account might have been compromised, and it had been temporarily suspended for security. And if I was who I claimed to be, then I should click on the link to reactivate my account. And I had 72 hours, or else it would be deleted.

I have to say - it looked convincing, and it was in French. Very complicated to translate and understand.

My hesitation was because ..... I had NEVER used PayPal and therefore had NEVER opened an account. But I do use Amazon (UK and FR) and started to wonder if they used PayPal behind the scenes. I thought not, but for the first time I bought something second hand from Amazon at Christmas, and I started to wonder if third-party sellers with Amazon used PayPal.

As you can see - I started to FIND reasons why it might have been a genuine e-mail!

But old IT habits die hard - if in doubt, DON'T!!!! So I didn't.

A couple of hints were there - the e-mail had an attachment for a start. And when I tried to save the e-mail itself as text - it would not let me. This is a good giveaway that it has programmimg code hidden in it.

Then, I vaguely remembered reading many months ago (possibly on e-Bay) about spoof PayPal e-mails.

So I went on e-Bay. Found a link to the PayPal site, and clicked on the link for their Security Centre.

There I found various warnings etc about fake e-mails and websites - and most importantly, a request to send ANY suspicious e-mails to spoof@paypal.com.

And this I did - and unfortunately, with quite a pissed-off, terse message. Along the lines of - if this is PayPal trying to get me to sign up to an account, I am not impressed, etc!!

I immediately got a response back thanking me and telling me it was a phishing e-mail. I did feel guilty about my rude message to them!!

***
Thanks for taking an active role by reporting suspicious-looking emails.
The email you forwarded to us is a phishing email, and our security teamis working to disable it.
Phishing emails attempt to steal your identity and will often ask you to reveal your password or other personal or financial information.
PayPal will never ask for your password over the phone or in an email and will always address you by your first and last name.
Take our Fight Phishing Challenge at
https://www.paypal.com/fightphishing to learn 5 things you should know about phishing.
You'll also see what we're doing to help fight fraud every day.
You've made a difference.
Every email counts.
By forwarding a suspicious-looking email to
spoof@paypal.com, you've helped keep yourself and others safe from identity theft.
Thanks,
The PayPal Team
***
On their website Security Centre, they mentioned about ICONIX which is a free download that will confirm whether an e-mail is genuine or not.

Something else I have now added to our PCs......

BE SAFE - PROTECT YOUR PCS !

No comments: