Got freaked out by phishing scams today! Watch out!

[GraysonPeddie]

I got two phishing e-mails, one from mail.com and web31.cqservers.com. How do I know it's not from eBay and PayPal? Because I did a WHOIS lookup (http://www.geektools.com/whois.php)!

Because I do never fall into those scams, I sent an e-mail to pirt ( at ) castlecops dot com (see PIRT for more details).

From "eBay Safe Harbour," here's what it said:

Dear member, it has been five days since i have sent you the payment invoice for my item you won on eBay. If i do not receive any news from you in the next 2-3 days i will be forced to report you to eBay, leave you negative feedback and file a non-paying bidder complaintand. Please answer ASAP !

Here's my question:

What item are you talking about?: I don't know! The seller didn't mention what item it is that I won.
Did I won an item from the seller?: No...

With the second question that I asked, I looked at what it mentioned, with no mention of an item, but addressed me as "member," and overall, that e-mail that I got are entirely fake! But even though it's simple, I kinda got suspicious that I will get a negative feedback but I DOUBT!!!

PayPal (mail.com) told me that my account have limited access, but I checked my account from PayPal website (always type www.paypal.com in your browser's address bar -- always!) and NO PROBLEMS with my account!!

Thus, I pulled myself together and my suspicians are under control. With two of the e-mails sent to PIRT, I can be assure they will take care of everything and hope to get the phishing websites shut down... So before I fall into scams, I always check the headers and know who they say they are before I open an e-mail. So trying to get me to click in links in e-mail messages won't help take over my computer and won't get me to became a victim of identity theft.

By always checking headers before opening e-mail, this could make it worse for criminals and scammers, and it doesn't matter if they will try harder to get me to click in links or dial a phone number or whatever criminals/scammers want me to do. I hope the criminals/scammers leave me alone, but I can't expect that... (sigh) :P

 

[VamPyroX]

Simple, ignore the email.

You don't need to do a "WHOIS" look up. A simple roll-over with the cursor will work. If you move your cursor over a link, the source URL will appear on the bottom status bar of the internet browser window. With eBay and PayPal, it's usually something like...

h ttp://w ww.scam.com/iwillgetyou/w ww.paypal.com/scam.html

Another thing is how they talk to you. If it was real, they would use your name instead of saying "member".

I get them all the time in my emails. Of course, I ignore them. I know that they can't report on me because if they did, eBay would check my records and see that I never bid on an item of theirs. Therefore, why worry?

 

[LuciaDisturbed]

Yeah, I get them too. Especially from sites that are claiming to be from my ISP but really are not. I just delete them. And I never click on their links.

 

[TFWFalcon]

ignore them. They try create scare you off and do make payment invoice. PFFFFTTT delete them cause you has not enter lottery ticket or orders. It is stupied someone doing that.

 

[GraysonPeddie]

It's about phishing scams. They will try to fool you into entering your user name and password and instead of going to a trusted site, you will be leaded to bad guys site. See how phishing work.

I know about the URL, but I'd consider all e-mail messages I get are scam, so I check headers before I open an e-mail. Some scammers can embed some code in some pictures to check whether you opened your e-mail message and execute code in your computer, so I have Microsoft Outlook turn off the images, which is a good security measure.

We can't ignore phishing messages; otherwise, many consumers will not use the Internet to do online shopping. We wanted to make the Internet a better place for anyone. So not everyone will ignore the phishing/spoofed messages claiming to be from the bank or PayPal.

Have a look at PIRT Fried Phish Reports.

 

[VamPyroX]

When you get email from a website that you're a member of, it's best to go to the site yourself instead of clicking on the link in the email.

If it's from PayPal and they say that your account is messed up, then that same message will appear when you log on PayPal. So, simply go to the website manually instead of the link and log on yourself. If there's a message there, deal with it there.

I get emails from MySpace about messages for me. I simply go to MySpace manually and check there. When I log on, I will see "You Have ## New Messages". Simple as that.

 

[GraysonPeddie]

Yeah I know. I always check to be sure I'm okay, but if you look at the whole world, meaning those who are computer illiterate, they will just click in links or dial phone numbers and simply perform as normal like entering username/password, enter information, etc. And because I'm Internet-savvy, I always check headers in e-mail address, report the messages to anti-phishing agencies, check in my bank's or eBay's website and check to make sure my accounts are okay.

My intent is to inform anyone about phishing scams like check for headers in e-mail message, don't click in links, etc.

 

[Neo]

COOL!

*click click click click click*

 

[VamPyroX]

COOL!

*click click click click click*

VIRUS ATTACK!