Karaoke Scene's Karaoke Forums

Spam detection software, running on the system "box94.bluehost.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.

Content preview: BOA Dear Customer, We regret to inform you that your Bank
   of America online banking account has been suspended. Please understand that
   this drastic measure was taken in order to protect your online privacy. Bank
   of America tracks all online activity. This tracking system tells us, among
   others, if you are using your account from a different computer(s) than the
   one you registered on. We recently noticed that your account has been accessed
   from several foreign IP addresses. [...]

Content analysis details: (11.4 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
0.7 SPF_NEUTRAL SPF: sender does not match SPF record (neutral)
1.3 MISSING_HEADERS Missing To: header
0.0 NORMAL_HTTP_TO_IP URI: Uses a dotted-decimal IP address in URL
2.9 HTTPS_IP_MISMATCH BODY: IP to HTTPS link found in HTML
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
   [score: 0.5000]
1.5 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
1.9 INVALID_MSGID Message-Id is not valid, according to RFC 2822
3.1 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.

Author:	Steven Kaplan [ Sat Sep 15, 2007 4:33 pm ]
Post subject:	PayPal
Been a long time since I've used PayPal and after loads of phishing fraud Emails I just stopped using it (since I used a credit card) but I'd like to start buying on Ebay again.. A few things I forgot regarding PayPal.. Do I need to confirm my account by entering my bank account info assuming my transacting is minimal as opposed to just using my CC info they already have ? I don't recall if years back they had info regarding my bank account, (which is info they want to "confirm account") or just CC info which was used (I bought small stuff nothing that cost much)... Anyway, given all the phishing crap I still get in my older AOL account, I'm wondering if it's advantageous to enter more info than just CC info..

Author:	eben [ Sat Sep 15, 2007 4:46 pm ]
Post subject:	Re: PayPal
Hey Kappy, I use Paypal all the time and I never gotten in to any trouble. Just be careful of phishing by ignoring anything other than your transaction you have made, which is easy because of the email address of the people you are sending or receiving money to or from. You can use your verified bank account to pay for things directly from your checking account. When you signed up and was verified, they should have a small deposit or two, usually like 11 cents, to your bank account. If you entered that amount on their web site, you should have direct two way in to your bank account. One thing nice about using your bank account to pay for it is they provide up to $2000 fraud prevention insurance type of thing to protect your purchases. I haven't used it yet but that's what they are promising.

Author:	Steven Kaplan [ Sat Sep 15, 2007 5:05 pm ]
Post subject:	Re: PayPal
Problem in my case I believe Eben is I have several AOL SN's and AOL mailboxes which get numerous daily Ebay messages as well as Paypal verification notices regarding problems with my "item" ______ , and people inquiring about my "auction" (which is non-existent to my knowledge), and of course the infamous, "Sorry but due to the recent relocation of bookkeeping we seem to have misplaced the pertinent info regarding your accounts". You name it, it's become daily from a few of these places.. Yet I have strict filters on these account too. Regarding Paypal, the messages look impeccably similar to actual Paypal messages and I've forwarded these and they turn out to be phishing. Some of these crooks are good ! Problem is, I have filters on these Email addresses NOT allowing general spam to get in.. Yet these hacks are filtering thru my Email controls that ONLY allow specified individuals access. It gets confusing ! My concern is that this cunning thieves will also link to direct deposit and start stealing from my Checking account too.. Sure I'd in time find out, problem is... I'd assume NOT set myself up for such a situation assuming this isn't an uncommon event. I had Paypal, and had no probs.. Thing is, the phishing started a few years after I DID not have any activity on Ebay, or on Paypal... They were pretty much dormant..

Author:	knightshow [ Sat Sep 15, 2007 8:55 pm ]
Post subject:	Re: PayPal
I love yahoo mail for filtering that stuff out. Once I determine it's "spam" or a phishing one, it gets marked as spam, and I never see 'em again. As with anything, you have to be VERY careful... one guy sent me a link ten mins before my auction was up on ebay... asked if my item was the same or similar to "this" item. I was logged onto ebay at the time, and when I clicked his link, it wanted me to enter my ebay info again. Smelling a rat, I checked the link, and it had a DE or DZ end... so I never responded to him, but sent a note to ebay about it. they said it was a common phishing problem and again, to be very careful of what I click on! Me loves paypal, though!

Author:	karyoker [ Sat Sep 15, 2007 11:08 pm ]
Post subject:	Re: PayPal
Kappy Ive run over 10 grand through Paypal Never had any problems but here are some hints. Register with a different middle initial.. Any official email from Paypal will include that full name and never provide a link to log in. Some banks will also have the last 4 of the debit card. Anything other than that forward to spoof@paypal.com..

Karaoke Scene's Karaoke Forums https://mail.karaokescene.net/forums/

PayPal https://mail.karaokescene.net/forums/viewtopic.php?f=1&t=10867	Page 1 of 1

Author:	Steven Kaplan [ Sat Sep 15, 2007 11:28 pm ]
Post subject:	Re: PayPal
Matt, Maybe that's the key. NOT to have anything financial on America Online Email . With Sbcglobal (ATT) which is Yahoo I might have more security.

Author:	karyoker [ Sat Sep 15, 2007 11:46 pm ]
Post subject:	Re: PayPal
A server such as Bluehost has viable spam detection. There are banned url's (known phishers links) And anything that does not contain pure text. Example: Code: Spam detection software, running on the system "box94.bluehost.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: BOA Dear Customer, We regret to inform you that your Bank of America online banking account has been suspended. Please understand that this drastic measure was taken in order to protect your online privacy. Bank of America tracks all online activity. This tracking system tells us, among others, if you are using your account from a different computer(s) than the one you registered on. We recently noticed that your account has been accessed from several foreign IP addresses. [...] Content analysis details: (11.4 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.7 SPF_NEUTRAL SPF: sender does not match SPF record (neutral) 1.3 MISSING_HEADERS Missing To: header 0.0 NORMAL_HTTP_TO_IP URI: Uses a dotted-decimal IP address in URL 2.9 HTTPS_IP_MISMATCH BODY: IP to HTTPS link found in HTML 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60% [score: 0.5000] 1.5 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only 1.9 INVALID_MSGID Message-Id is not valid, according to RFC 2822 3.1 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook The original message was not completely plain text, and may be unsafe to open with some email clients; in particular, it may contain a virus, or confirm that your address can receive spam. If you wish to view it, it may be safer to save it to a file and open it with an editor.

Author:	LondonLive [ Sun Sep 16, 2007 4:26 am ]
Post subject:	Re: PayPal
I've seen a few good idea's on here. Kappy, what I did to kind of safe guard myself or minimize possible damage, was to open a separate checking account at my bank that I use for Paypal only type transactions. I keep a minimum amount of cash in that account and as I do all my banking electronically I can move money in and out of it as needed from the comfort of my little chair with wheels on it. I've done it this way for about ten years now and have never run into trouble. As far as phishing, I simply ignore all email asking for any pertinent information as I know Paypal, Ebay nor my bank ask for information via email.

Author:	LondonLive [ Sun Sep 16, 2007 4:27 am ]
Post subject:	Re: PayPal
oops, double post

Author:	Steven Kaplan [ Sun Sep 16, 2007 8:06 am ]
Post subject:	Re: PayPal
Ollie, Is bluehost freeware, or another paid server ?

Author:	karyoker [ Sun Sep 16, 2007 9:13 am ]
Post subject:	Re: PayPal
It is the one Ive had my .com and forum on bluehost] Ive had about three this is the best one Ive had yet. They even give fast online chat support 24/7.

Author:	Steven Kaplan [ Mon Sep 17, 2007 9:50 pm ]
Post subject:	Re: PayPal
Again today. This is one type of phishing attempt, there are many ----------------------------------------------------------------------------------------------- As part of our security measures, we regularly screen activity in the PayPal system. We recently noticed the following issue on your account: We would like to ensure that your account was not accessed by an unauthorized third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection. Case ID Number: PP-072-838-482 https://www.paypal.com/us/cgi-bin/websc ... laint-view For your protection, we have limited access to your account until additional security measures can be completed. We apologize for any inconvenience this may cause. To review your account and some or all of the information that PayPal usedto make its decision to limit your account access, please visit the Resolution Center https://www.paypal.com/. If, after reviewing your account information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking "Contact Us". We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience. Sincerely, PayPal Account Review Department PayPal Email ID PP64595 ====================================================== How is a person to determine that this is phishing or genuine ? Reason It was obvious is that when the link was clicked by me AOL disabled it since mail has been denied by this known phishing source.. Glad AOL did that THIS time, it hadn't in the past.. But these look quite real

Author:	Steven Kaplan [ Mon Sep 17, 2007 10:12 pm ]
Post subject:	Re: PayPal
What's confusing is these hackers also are using legit Paypal hyperlinks within the body of their message..

Author:	knightshow [ Mon Sep 17, 2007 10:48 pm ]
Post subject:	Re: PayPal
yeah, that's how they get people... they put authentic links for some of it, but the "click here" to logon stuff, usually are redirect urls that go to www1.paypal.com or a flat out numbered url with paypal on the end of it! ! Got one today from Bank of America telling me that I was in danger of losing my online ability with them (yeah right, don't BANK with them), and when I looked at their email ... this is what I saw: It has come to our attention that your Online Banking has expired due to inactivity. If you want to continue using our services, please enroll now in our new Online Banking: Access Plus On-line Banking service. It's free. It's easy. It's secure. Please note: If you do not enroll within the next 24 hours, your online services will be limited and eventually deleted. Get started with Online Banking now. Enroll today > Best Regards, Bank of America Online Banking Support The "Enroll today" link was this... www.humanidades.cl/Fonts/.%20/.cgi-bin/ ... famerica...

Author:	karyoker [ Tue Sep 18, 2007 9:05 am ]
Post subject:	Re: PayPal
A couple of years ago my ATM was refused so I went down to the bank Wells Fargo. At the time I was doing a few hundred dollar dealings thru Paypal. So the gal called the main office and this guy said Did you make a purchase out of Hong Kong for $600? No!!!You didnt try to buy a big screen? No!!! We both started giggling. He said I saw a red flag I shut it down.. Sir I thank you!!!! Email.......They dont email they have other ways

Page 1 of 1	All times are UTC - 8 hours
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/

Author:	Steven Kaplan [ Mon Sep 17, 2007 11:06 pm ]
Post subject:	Re: PayPal
Matt, This type of heading is what throws me however. Especially since I haven't been doing transacting lately that utilizes either Ebay or Paypal. These are generated as Paypal URL's. I have VERY strict spam filters on my mail control of this account. I must manually enter the URL I allow to mail me. This somehow impersonates or is a Paypal heading that has fooled my spam filter.. Otherwise it couldn't get past. I have about 40 specific individuals I allow access to that particular SN on America Online (paypal and Ebay domains being several). Assuming my America Online domain for Paypal hadn't been inactive for quite a few years, this would've likely bluffed me. Here's the heading the hacker used ----------------- Forwarded Message: Subj: Unauthorized access to your PayPal account! Date: 9/16/2007 12:41:32 PM Eastern Daylight Time From: service (at)paypal (dot)com Reply-to: no-reply(at)paypal (dot)com Sent from the Internet (Details) (I wrote out the conjunctions since KS software intercepts links. The Heading came from what appeared as actual Paypal domain serice@Paypal and actual dot com or actual Paypal URL (or so it appeared, these were Paypals domain in the heading) ==== Fortuneately America Online didn't allow completion or graphics from this sender. To a person that doesn't do much transacting, how is one to know this isn't a Paypal URL ? What I'm going to do is open a separate checking accout to use for online transacting keeping enough to handle menial purchases I might wish to make that don't recognise CC's.. Unless I learn some tricks that assure me I can thwart future attempts, these crooks are good at what they do.

Author:	vettelady [ Tue Sep 18, 2007 8:47 am ]
Post subject:	Re: PayPal
Steve thats what I did...opened a small checking account specifically for use with PayPal and did the same with an email address...I put it in an account that is used for nothing else. Since there is not a lot of junk in there and my every day email doesn't go there, its a bit easier to monitor. I also backed it up with a real small credit card so that if anything were to happen, it wouldn't be too hard of a hit. So far I've been lucky...and a lot of stuff from PayPal I just don't open unless it refers to a recent transaction that I know I made. And from PayPal itself, they tell you not to click any links but go to your account by other means....same with ebay. So far so good!! Drea

Author:	vettelady [ Tue Sep 18, 2007 9:08 am ]
Post subject:	Re: PayPal
Thats true...that happened to someone else I know and it was also out of Hong Kong...sucked the money right out of the account. I don't think there is a way to prevent that, but I don't make many large purchases and just keep enough in the account to cover what I do purchase. Nothing is foolproof, I just protect myself as best I can.