PayPal phishing in attachments
Yesterday MX Lab reported regarding a phishing email that has no URL but instead an attached HTML document with a web form included. Since then we see more similar cases and also PayPal is subject to this technique. The senders address shows us www.paypal.com This e-mail address is being protected from spambots. You need JavaScript enabled to view it but this is spoofed. The email was sent from 69.128.90.226, an [...]


Yesterday MX Lab reported regarding a phishing email that has no URL but instead an attached HTML document with a web form included. Since then we see more similar cases and also PayPal is subject to this technique. The senders address shows us “www.paypal.com” < This e-mail address is being protected from spambots. You need JavaScript enabled to view it > but this is spoofed. The email was sent from 69.128.90.226, an IP address in the US, pointing to mail.dandlequipment.com.

The body of the email:

To make sure everything is in order,please download the PayPal Security Account Verification and fill in all the required data for verfication.

The actual webpage:

The webform makes a POST to hxxp://0xD5.0xC3.0xDF.0xA9/paypalverification.php/.


Read Full Article
Written on Sunday, 08 November 2009 19:43 by

Viewed 57 times so far.
Like this? Tweet it to your followers!
Published in Subscribe to the RSS feed of Network Security & Hacking News  Network Security & Hacking News / Subscribe to the RSS feed of Latest Security News  Latest Security News
Like this? Let your friends know now!

Rate this article

Latest articles from

Latest 'tweets' from GovernmentSecurity

blog comments powered by Disqus
back to top
 

Our Sponsors

Shoutcast Streams | Internet Radio HOSTINGLitespeed Web HostingIRC | IRCd | Internet Relay Chat HostingEarn Recurring Income

Member Login