|
|
View unanswered posts | View active topics
 
|
Page 1 of 1
|
[ 18 posts ] |
|
| Author |
Message |
|
Steven Kaplan
|
 Posted: Sat Sep 15, 2007 4:33 pm |
|
Joined: Mon Jan 03, 2005 6:48 pm
Posts: 13645
Been Liked: 11 times
|
|
Been a long time since I've used PayPal and after loads of phishing fraud Emails I just stopped using it (since I used a credit card) but I'd like to start buying on Ebay again.. A few things I forgot regarding PayPal..
Do I need to confirm my account by entering my bank account info assuming my transacting is minimal as opposed to just using my CC info they already have ?
I don't recall if years back they had info regarding my bank account, (which is info they want to "confirm account") or just CC info which was used (I bought small stuff nothing that cost much)...
Anyway, given all the phishing crap I still get in my older AOL account, I'm wondering if it's advantageous to enter more info than just CC info..
_________________
Northeast United States runner up for the "Singing Hall of Shame".
|
|
| Top |
|
 |
|
eben
|
Posted: Sat Sep 15, 2007 4:46 pm |
|
Joined: Tue May 10, 2005 3:42 pm
Posts: 1395
Location: Silicon Valley, CA
Been Liked: 0 time
|
|
Hey Kappy, I use Paypal all the time and I never gotten in to any trouble. Just be careful of phishing by ignoring anything other than your transaction you have made, which is easy because of the email address of the people you are sending or receiving money to or from.
You can use your verified bank account to pay for things directly from your checking account. When you signed up and was verified, they should have a small deposit or two, usually like 11 cents, to your bank account. If you entered that amount on their web site, you should have direct two way in to your bank account. One thing nice about using your bank account to pay for it is they provide up to $2000 fraud prevention insurance type of thing to protect your purchases. I haven't used it yet but that's what they are promising.
_________________
Seize the day and SING!!!
|
|
| Top |
|
|
|
Steven Kaplan
|
Posted: Sat Sep 15, 2007 5:05 pm |
|
Joined: Mon Jan 03, 2005 6:48 pm
Posts: 13645
Been Liked: 11 times
|
|
Problem in my case I believe Eben is I have several AOL SN's and AOL mailboxes which get numerous daily Ebay messages as well as Paypal verification notices regarding problems with my "item" ______ , and people inquiring about my "auction" (which is non-existent to my knowledge), and of course the infamous, "Sorry but due to the recent relocation of bookkeeping we seem to have misplaced the pertinent info regarding your accounts". You name it, it's become daily from a few of these places.. Yet I have strict filters on these account too.
Regarding Paypal, the messages look impeccably similar to actual Paypal messages and I've forwarded these and they turn out to be phishing. Some of these crooks are good ! Problem is, I have filters on these Email addresses NOT allowing general spam to get in.. Yet these hacks are filtering thru my Email controls that ONLY allow specified individuals access. It gets confusing ! My concern is that this cunning thieves will also link to direct deposit and start stealing from my Checking account too.. Sure I'd in time find out, problem is... I'd assume NOT set myself up for such a situation assuming this isn't an uncommon event. I had Paypal, and had no probs.. Thing is, the phishing started a few years after I DID not have any activity on Ebay, or on Paypal... They were pretty much dormant..
_________________
Northeast United States runner up for the "Singing Hall of Shame".
|
|
| Top |
|
|
|
knightshow
|
Posted: Sat Sep 15, 2007 8:55 pm |
|
Joined: Thu Nov 07, 2002 2:40 am
Posts: 7468
Location: Kansas City, MO
Been Liked: 1 time
|
|
I love yahoo mail for filtering that stuff out. Once I determine it's "spam" or a phishing one, it gets marked as spam, and I never see 'em again.
As with anything, you have to be VERY careful... one guy sent me a link ten mins before my auction was up on ebay... asked if my item was the same or similar to "this" item. I was logged onto ebay at the time, and when I clicked his link, it wanted me to enter my ebay info again. Smelling a rat, I checked the link, and it had a DE or DZ end... so I never responded to him, but sent a note to ebay about it. they said it was a common phishing problem and again, to be very careful of what I click on!
Me loves paypal, though!
|
|
| Top |
|
|
|
karyoker
|
Posted: Sat Sep 15, 2007 11:08 pm |
|
Joined: Wed Jun 30, 2004 3:43 pm
Posts: 6784
Location: Fort Collins Colorado USA
Been Liked: 5 times
|
Kappy Ive run over 10 grand through Paypal Never had any problems but here are some hints. Register with a different middle initial.. Any official email from Paypal will include that full name and never provide a link to log in. Some banks will also have the last 4 of the debit card. Anything other than that forward to spoof@paypal.com..
_________________
Join The Karaokle Singers Social Network. Upload Your Music!!
|
|
| Top |
|
|
|
Steven Kaplan
|
Posted: Sat Sep 15, 2007 11:28 pm |
|
Joined: Mon Jan 03, 2005 6:48 pm
Posts: 13645
Been Liked: 11 times
|
|
Matt, Maybe that's the key. NOT to have anything financial on America Online Email . With Sbcglobal (ATT) which is Yahoo I might have more security.
_________________
Northeast United States runner up for the "Singing Hall of Shame".
|
|
| Top |
|
|
|
karyoker
|
Posted: Sat Sep 15, 2007 11:46 pm |
|
Joined: Wed Jun 30, 2004 3:43 pm
Posts: 6784
Location: Fort Collins Colorado USA
Been Liked: 5 times
|
A server such as Bluehost has viable spam detection. There are banned url's (known phishers links) And anything that does not contain pure text.
Example:
Code: Spam detection software, running on the system "box94.bluehost.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: BOA Dear Customer, We regret to inform you that your Bank
of America online banking account has been suspended. Please understand that
this drastic measure was taken in order to protect your online privacy. Bank
of America tracks all online activity. This tracking system tells us, among
others, if you are using your account from a different computer(s) than the
one you registered on. We recently noticed that your account has been accessed
from several foreign IP addresses. [...]
Content analysis details: (11.4 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.7 SPF_NEUTRAL SPF: sender does not match SPF record (neutral)
1.3 MISSING_HEADERS Missing To: header
0.0 NORMAL_HTTP_TO_IP URI: Uses a dotted-decimal IP address in URL
2.9 HTTPS_IP_MISMATCH BODY: IP to HTTPS link found in HTML
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
[score: 0.5000]
1.5 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
1.9 INVALID_MSGID Message-Id is not valid, according to RFC 2822
3.1 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
_________________
Join The Karaokle Singers Social Network. Upload Your Music!!
|
|
| Top |
|
|
|
LondonLive
|
Posted: Sun Sep 16, 2007 4:26 am |
|
 |
| Super Poster |
 |
Joined: Sat Jul 28, 2007 6:07 am
Posts: 789
Location: Michigan
Been Liked: 2 times
|
|
I've seen a few good idea's on here. Kappy, what I did to kind of safe guard myself or minimize possible damage, was to open a separate checking account at my bank that I use for Paypal only type transactions. I keep a minimum amount of cash in that account and as I do all my banking electronically I can move money in and out of it as needed from the comfort of my little chair with wheels on it. I've done it this way for about ten years now and have never run into trouble. As far as phishing, I simply ignore all email asking for any pertinent information as I know Paypal, Ebay nor my bank ask for information via email.
_________________
Quickness of mind will deceive the eye
|
|
| Top |
|
|
|
LondonLive
|
Posted: Sun Sep 16, 2007 4:27 am |
|
|
| Super Poster |
|
Joined: Sat Jul 28, 2007 6:07 am
Posts: 789
Location: Michigan
Been Liked: 2 times
|
|
oops, double post
_________________
Quickness of mind will deceive the eye
|
|
| Top |
|
|
|
Steven Kaplan
|
Posted: Sun Sep 16, 2007 8:06 am |
|
Joined: Mon Jan 03, 2005 6:48 pm
Posts: 13645
Been Liked: 11 times
|
|
Ollie, Is bluehost freeware, or another paid server ?
_________________
Northeast United States runner up for the "Singing Hall of Shame".
|
|
| Top |
|
|
|
karyoker
|
Posted: Sun Sep 16, 2007 9:13 am |
|
Joined: Wed Jun 30, 2004 3:43 pm
Posts: 6784
Location: Fort Collins Colorado USA
Been Liked: 5 times
|
It is the one Ive had my .com and forum on
bluehost]
Ive had about three this is the best one Ive had yet. They even give fast online chat support 24/7.
_________________
Join The Karaokle Singers Social Network. Upload Your Music!!
|
|
| Top |
|
|
|
Steven Kaplan
|
Posted: Mon Sep 17, 2007 9:50 pm |
|
Joined: Mon Jan 03, 2005 6:48 pm
Posts: 13645
Been Liked: 11 times
|
Again today.
This is one type of phishing attempt, there are many
-----------------------------------------------------------------------------------------------
As part of our security measures, we regularly screen activity in the
PayPal system. We recently noticed the following issue on your account:
We would like to ensure that your account was not accessed by an
unauthorized third party. Because protecting the security of your
account is our primary concern, we have limited access to sensitive PayPal
account features. We understand that this may be an inconvenience but please
understand that this temporary limitation is for your protection.
Case ID Number: PP-072-838-482
https://www.paypal.com/us/cgi-bin/websc ... laint-view
For your protection, we have limited access to your account until
additional security measures can be completed. We apologize for any
inconvenience this may cause.
To review your account and some or all of the information that PayPal
usedto make its decision to limit your account access, please visit the
Resolution Center https://www.paypal.com/. If, after reviewing your account
information, you seek further clarification regarding your account access, please
contact PayPal by visiting the Help Center and clicking "Contact Us".
We thank you for your prompt attention to this matter. Please understand that
this is a security measure intended to help protect you and your account.
We apologize for any inconvenience.
Sincerely,
PayPal Account Review Department
PayPal Email ID PP64595
======================================================
How is a person to determine that this is phishing or genuine ? Reason It was obvious is that when the link was clicked by me AOL disabled it since mail has been denied by this known phishing source.. Glad AOL did that THIS time, it hadn't in the past.. But these look quite real
_________________
Northeast United States runner up for the "Singing Hall of Shame".
|
|
| Top |
|
|
|
Steven Kaplan
|
Posted: Mon Sep 17, 2007 10:12 pm |
|
Joined: Mon Jan 03, 2005 6:48 pm
Posts: 13645
Been Liked: 11 times
|
|
What's confusing is these hackers also are using legit Paypal hyperlinks within the body of their message..
_________________
Northeast United States runner up for the "Singing Hall of Shame".
|
|
| Top |
|
|
|
knightshow
|
Posted: Mon Sep 17, 2007 10:48 pm |
|
Joined: Thu Nov 07, 2002 2:40 am
Posts: 7468
Location: Kansas City, MO
Been Liked: 1 time
|
yeah, that's how they get people... they put authentic links for some of it, but the "click here" to logon stuff, usually are redirect urls that go to www1.paypal.com or a flat out numbered url with paypal on the end of it!  !
Got one today from Bank of America telling me that I was in danger of losing my online ability with them (yeah right, don't BANK with them), and when I looked at their email ... this is what I saw:
It has come to our attention that your Online Banking has expired due to inactivity. If you want to continue using our services, please enroll now in our new Online Banking: Access Plus On-line Banking service. It's free. It's easy. It's secure.
Please note: If you do not enroll within the next 24 hours, your online services will be limited and eventually deleted.
Get started with Online Banking now. Enroll today >
Best Regards,
Bank of America Online Banking Support
The "Enroll today" link was this... www.humanidades.cl/Fonts/.%20/.cgi-bin/ ... famerica...
|
|
| Top |
|
|
|
Steven Kaplan
|
Posted: Mon Sep 17, 2007 11:06 pm |
|
Joined: Mon Jan 03, 2005 6:48 pm
Posts: 13645
Been Liked: 11 times
|
|
Matt,
This type of heading is what throws me however. Especially since I haven't been doing transacting lately that utilizes either Ebay or Paypal. These are generated as Paypal URL's. I have VERY strict spam filters on my mail control of this account. I must manually enter the URL I allow to mail me. This somehow impersonates or is a Paypal heading that has fooled my spam filter.. Otherwise it couldn't get past. I have about 40 specific individuals I allow access to that particular SN on America Online (paypal and Ebay domains being several). Assuming my America Online domain for Paypal hadn't been inactive for quite a few years, this would've likely bluffed me.
Here's the heading the hacker used
-----------------
Forwarded Message:
Subj: Unauthorized access to your PayPal account!
Date: 9/16/2007 12:41:32 PM Eastern Daylight Time
From: service (at)paypal (dot)com
Reply-to: no-reply(at)paypal (dot)com
Sent from the Internet (Details)
(I wrote out the conjunctions since KS software intercepts links. The Heading came from what appeared as actual Paypal domain serice@Paypal and actual dot com or actual Paypal URL (or so it appeared, these were Paypals domain in the heading)
====
Fortuneately America Online didn't allow completion or graphics from this sender. To a person that doesn't do much transacting, how is one to know this isn't a Paypal URL ? What I'm going to do is open a separate checking accout to use for online transacting keeping enough to handle menial purchases I might wish to make that don't recognise CC's.. Unless I learn some tricks that assure me I can thwart future attempts, these crooks are good at what they do.
_________________
Northeast United States runner up for the "Singing Hall of Shame".
|
|
| Top |
|
|
|
karyoker
|
Posted: Tue Sep 18, 2007 9:05 am |
|
Joined: Wed Jun 30, 2004 3:43 pm
Posts: 6784
Location: Fort Collins Colorado USA
Been Liked: 5 times
|
A couple of years ago my ATM was refused so I went down to the bank Wells Fargo. At the time I was doing a few hundred dollar dealings thru Paypal. So the gal called the main office and this guy said Did you make a purchase out of Hong Kong for $600? No!!!You didnt try to buy a big screen? No!!! We both started giggling. He said I saw a red flag I shut it down.. Sir I thank you!!!! Email.......They dont email they have other ways 
_________________
Join The Karaokle Singers Social Network. Upload Your Music!!
|
|
| Top |
|
|
|
vettelady
|
Posted: Tue Sep 18, 2007 9:08 am |
|
|
| Advanced Poster |
 |
Joined: Sat Jun 04, 2005 12:34 pm
Posts: 277
Location: Northern Michigan
Been Liked: 0 time
|
|
Thats true...that happened to someone else I know and it was also out of Hong Kong...sucked the money right out of the account. I don't think there is a way to prevent that, but I don't make many large purchases and just keep enough in the account to cover what I do purchase. Nothing is foolproof, I just protect myself as best I can.
|
|
| Top |
|
|
|
|
Page 1 of 1
|
[ 18 posts ] |
|
Who is online |
Users browsing this forum: No registered users and 719 guests |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum
|
|
Login
Register
FAQ
Search
