Email scammers trying to steal your money can be avoided.s

If you ever post on Craigslist or use PayPal, please be aware that scammers will stop at nothing to steal your information. A very common way to gain access to your financial accounts is known as “phishing”. I got an email purportedly informing me that my PayPal account had been suspended, and that I needed to “verify” my account information.

“Phishing” is a variant of the class of fraud known in computer security circles as “social engineering”. Social engineering is simply a lie. The old fashioned way of using social engineering was to call a business and impersonate someone who is high on a corporate ladder calling into the office to beg the operator to  PLEASE save them embarrassment by looking up login details of the impersonated corporate officer, giving it to the caller over the phone. The call is often accompanied by a manufactured crisis to boost the importance of the caller getting the login details immediately.

Now the scammers send an authentic appearing email to their intended victims, using classic  social engineering methodologies.

Once you have clicked the link in the authentic appearing email your web browser gets directed to a very authentic appearing copy of PayPal’s website hosted elsewhere on the internet, with the intent of stealing your password and login information to empty your PayPal account.

The easiest way to detect a scam like this is to hover your mouse over the link the scammers intend for you to click and check the web address, which usually appears in the bottom frame of the window you are viewing the email in.

Be aware that this fraud is not limited to PayPal – it can involve any business entity that can be used to gain access to your financial information – even appearing to be from your bank, credit union, or stock broker.

The link in the email below shows  as being to the secure PayPal website https://paypal.com/resolution  In reality the link leads to->  http://www.harmeen.com/images/sys/httpswww.paypal.com.htm”. This is done with the HTML coding used to display the link’s text.

Be very cautious surfing the the internet and responding to email my friends. The same type of deceptive link in an email can lead you to a site that will overwhelm your computer and install malware and/or viruses onto your PC.


Some good information on infected websites and other malicious software can be found at  StopBadware.org


Please do NOT click on anything below this – it is a copy of the email I received – minus some of the authentic appearing images from PayPal – the links are live to the scammers site.

PayPal

Dear Customer,

We need your help resolving an issue with your account. To give us time to work together on this, we’ve temporarily limited what you can do with your account until the issue is resolved.

We understand it may be frustrating not to have full access to your PayPal account. We want to work with you to get your account back to normal as quickly as possible.

Please click on the link below to initiate the verification process:

https://paypal.com/resolution

 

Yours sincerely,
PayPal

Copyright © 2012 PayPal. All rights reserved.

PayPal Email ID PP277

 

Comments are closed.