The everyday blog of Richard Bartle.
RSS feeds: v0.91; v1.0 (RDF); v2.0.
12:04pm on Tuesday, 28th June, 2005:
Comment
I received an email just now saying Jay Clark has just sent you $28.00 USD with PayPal [259603]. It was sent to muse@mud.co.uk, which doesn't have a Paypal account (although I was pretty sure it was a scam anyway). Still, I followed the link to find out where it went.
It went to http://www.hubertuswochen.de/.www.paypal.com/login-run/index.html, though it tries to hide this by putting an image over the address line. It's a pretty good spoof.
The perpetrator is probably piggy-backing on some poor sod's hacked web site, but since the login.php script it runs is also on that site police investigators should be able to track where the phished password and email address are going fairly sharpish — hopefully before too many people get taken in. I don't know what happens when you fill in the form with dud information, and I've no intention of finding out...
I forwarded the email to spoof@paypal.com.
Referenced by Learning the Trade.
Latest entries.
Archived entries.
About this blog.
Copyright © 2005 Richard Bartle (richard@mud.co.uk).