Email Scams

[Ferrets]

OK, you are all probably clever enough to avoid these, but I get them all the time and a friend nearly fell for one yesterday, so I thought I would show you all a quick example of some email scams.

The two I received today both claim to be from Paypal and appear at first glance to have a genuine Paypal email address. They work by scaring you into thinking that somebody has, or is trying to access you paypal account. Don't just think paypal here, there are quite a few posing as online banking etc too. They say for example they need to question a potentially unauthorised transaction. They ask you to click on a link in the email which appears to be a genuine paypal link and log in.

If you hover over the link with your cursor the real address will appear in the bottom left of your screen and will probably say something similar but not quite the same.

For example, hover your cursor over the following link and look in the bottom left:

Paypal (In this example I used the YD website)

What you actually get sent to is a clone of the PayPal site, so that when you enter your password somebody will be able to steal it. Most people will often use the same password for several websites so quite often they will gain access to things like email as well.

Here is one of the emails I received today. I have removed the links just in case:

Dear PayPal Member,

This email confirms that you have sent an eBay payment of $147.85 USD to achad13@yahoo.com for an eBay item.
-----------------------------------
Payment Details
-----------------------------------
Amount: $147.85 USD
Transaction ID: 2LC956793J776333Y
Subject: Digimax 130

Note:If you haven't authorized this charge ,click the link below to dispute transaction and get full refund

Dispute transaction (Encrypted Link )

*SSL connection:PayPal automatically encrypts your confidential information in transit from your computer to ours using the Secure Sockets Layer protocol (SSL) with an encryption key length of 128-bits (the highest level commercially available)

-----------------------------------
Item Information
-----------------------------------

eBay User ID: scratchandgnaw2

----------------------------------------------------------------
Edward Harrell's UNCONFIRMED Address
----------------------------------------------------------------

Edward Harrell
211 David St.
Springtown,
TX 76082
United States

Important Note: Edward Harrell has provided an Unconfirmed Address. If you are planning on shipping items to Edward Harrell, please check the Transaction Details page of this payment to find out whether you will be covered by the PayPal Seller Protection Policy.

----------------------------------------------------------------

This payment was sent using your bank account. By using your bank account to send money, you just:

- Paid easily and securely
- Sent money faster than writing and mailing paper checks
- Paid instantly
- your purchase won't show up on bills at the end of the month. Thanks for using your bank account!

----------------------------------------------------------------

Thank you for using PayPal!
The PayPal Team
PayPal Email ID PP118


These emails generally include logos and the usual stuff you would expect in a genuine email. If anybody is interested I can show you the others. Like I said, most of you are aware of this kind of scam but it might stop at least one person from being conned.

[lloydwatkin]

Trick is if you get an email from any company don't follow the link in the email go to the site directly yourself.

Also never download the images in a suspect email as you can write clever scripts to work out if a message has been read, as I demonstrated to a friend yesterday (its really quite easy). What spam people do is generally text every possible dictionary word at a domain (or trawl the domain for names) and just guess as many email addresses as possible. If the image is downloaded they know its live so they bombard it.

Same thing can be down with a link from a suspect email (same principles, etc), even if you don't enter your details, you were fooled enough to go to the site, so next time you might fall for it!