Paypal phishing?

Monday 4th April, 2005
I got an email tonight:

From: PayPal Account Review Department

To: blog@jaffacake.net

Subject: Notification of Limited Account Access
?
As part of our security measures, we regularly screen activity in the PayPal system. We recently noticed the following issue on your account:
We recently received a report of unauthorized credit card use associated with this account. As a precaution, we have limited access to your PayPal account in order to protect against future unauthorized transactions.
?
Case ID Number: PP-091-233-629
For your protection, we have limited access to your account until additional security measures can be completed. We apologize for any inconvenience this may cause.
To review your account and some or all of the information that PayPal used to make its decision to limit your account access, please visit the Resolution Center by following the link below:
https://www.paypal.com/cgi-bin/webscr?cmd=login-run
If, after reviewing your account information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking "Contact Us"

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
Sincerely,
PayPal Account Review Department
?

PayPal Email ID PP545
Accounts Management as outlined in our User Management , Paypal will
periodically send you information about site changes and enhancements
Visit our Privacy Policy and User Agreement if you have any questions :
http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/ua/policy_privacy-outside

So...I know this is fake and I know it's phishing...but where is the catch? I can't see any wrong with the URL's. Anybody got any clues?

Incidentally, I know it's fake because I've never used paypal...wonder why!

  1. 1) Paul Mooney Said: (04/04/2005 21:59:16 GMT) Gravatar Image
    Paypal phishing?

    Its the "Resoloution Centre" link in the mail - hover over it. It aint a real Pay Pall site.

  2. 2) Paul Mooney Said: (04/04/2005 21:59:52 GMT) Gravatar Image
    Paypal phishing?

    In fact, I have seen a few of these new phising mails that have legitimate links tied into the dodgy ones

  3. 3) Ben Rose Said: (04/04/2005 22:02:39 GMT) Gravatar Image
    Paypal phishing?

    Interest Paul, because within the Notes client I pasted that email from, all I could see what the phake URL.

    In fact, taking email to edit mode I get hotspot properties...URL as https://www.paypal.com/cgi-bin/webscr?cmd=login-run the real one...bizarre.

  4. 4) Ben Rose Said: (04/04/2005 22:03:23 GMT) Gravatar Image
    Paypal phishing?

    Ooooh, just tested in Notes...it opened the real site.

    Is notes phishing proof?

  5. 5) Paul Mooney Said: (04/04/2005 22:08:35 GMT) Gravatar Image
    Paypal phishing?

    Hmmm - reckon if you open in Outlook you would get the wrong link... Piece of MS script methinks

  6. 6) Ben Rose Said: (04/04/2005 22:11:15 GMT) Gravatar Image
    Paypal phishing?

    Superb that as soon as I opened it in Microsoft IE then it became a nice clickable phishing link!

  7. 7) Dave Mason Said: (17/04/2005 12:07:14 GMT) Gravatar Image
    Paypal phishing?

    The Internet address that appears when you hover over the link can be bogus, but the real one is in the email's HTML. In IE use View|Source to see it.

Add Comment
 
Subject:
   
Name:
E-mail:
Web Site:
 
Comment:  (No HTML - Links will be converted if prefixed http://)
 
Remember Me?