A well-made PayPal phishing email | What a Mac life!

I received a phishing email posing as PayPalFraud. It is quite professional. At first glance it looks exactly like the emails that actually come from PayPal.

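It is an email warning of suspicious activity on my account. It says to go to a specified site and update my personal information in order to protect the account. Only this link has the domain "paypaldirect.hk", and it is not https either. I went and had a look, and it is a dead ringer for the PayPal login site.
This email was originally in HTML format, and the images in its source are also pulled from the paypal domain. The sender address is a PayPal address, and every link other than the one to the fake site is a link to the real PayPal.
I noticed because it came to an email address I don't use, which was lucky, but it is made well enough that one could easily fall for it.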

I did ask PayPal "Is this phishing?", but no reply has come. Come to think of it, with PayPal there is so much phishing that I can't trust which messages are real.
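
The pattern described above (every image and link pointing at the real PayPal domain except the one link the reader is asked to click) can be checked mechanically on the HTML part of a message. The following Python is an added example, not part of the original post; `BRAND_DOMAINS`, the helper names and the image path in the sample are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND_DOMAINS = {"paypal.com"}  # assumption: domains the claimed sender really uses

# Constructed sample: the two link URLs are the ones quoted in this post;
# the image path is a made-up placeholder for "images pulled from paypal".
SAMPLE_HTML = """
<img src="https://www.paypal.com/placeholder/logo.gif">
<a href="http://www.paypaldirect.hk/index.html">Click here to restore your account access</a>
<a href="https://www.paypal.com/us/securitytips">Security Tips</a>
"""


class UrlCollector(HTMLParser):
    """Collect every link target (a href) and embedded image source (img src)."""

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        wanted = {"a": "href", "img": "src"}.get(tag)
        self.urls += [value for name, value in attrs if name == wanted and value]


def on_brand_domain(host):
    """True only for a brand domain itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)


def audit(html_body):
    """Return (off-brand URLs as (url, host, scheme), count of on-brand URLs)."""
    collector = UrlCollector()
    collector.feed(html_body)
    off_brand, on_brand = [], 0
    for url in collector.urls:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https"):
            continue  # mailto:, cid: and similar are out of scope here
        if on_brand_domain(parts.hostname):
            on_brand += 1
        else:
            off_brand.append((url, parts.hostname, parts.scheme))
    return off_brand, on_brand


if __name__ == "__main__":
    suspicious, genuine = audit(SAMPLE_HTML)
    print(f"{genuine} URL(s) on the brand domain, {len(suspicious)} off it:")
    for url, host, scheme in suspicious:
        print(f"  {url}  host={host}  https={'yes' if scheme == 'https' else 'no'}")
```

A message in which nearly every URL is on the brand domain and a single clickable link is not is the case worth flagging; the suffix match on a dot boundary keeps hosts that merely contain the brand name from counting as genuine.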



The content of the email follows; "(※)" marks my annotations.
*****
Return-path:
Received: from no.name.available by [217.113.76.101] (※ the country is Sierra Leone)
Date: Fri, 03 Nov 2006 06:49:32 +0000
From: PayPal
Subject: PayPal: Update Your PayPal Account
Message-id: <9DD0C2A6.2644127@mitene.or.jp> (※?)
MIME-version: 1.0
Content-type: multipart/alternative;boundary="Boundary_(ID_9udn40w9X1vO2k7PTqKW9A)"
X-Accept-Language: en-us, en
User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050716)

Dear PayPal Member, PayPal is committed to maintaining a safe environment for its community of buyers and sellers. To protect the security of your account, we employ the most advanced security systems in the world and regularly screen our system for unusual activity.

Recently, our Account Review Team identified some unusual activity in your account. Per PayPal's user agreement, we have limited access to your account until this issue has been resolved. This is a fraud prevention measure meant to ensure that your account is not compromised.

In order to secure your account and quickly restore full access, we require some specific information from you.

Login follow our secure site and update all necessary informations to your account.

<http://www.paypaldirect.hk/index.html>Click here to restore your account access (※ Hong Kong domain)



Thank you for your prompt attention to this matter. Please understand that this is a security measure meant to help protect you and your account. We apologize for any inconvenience.

Sincerely,
PayPal Account Review Department.

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.
PayPal Email ID PP8790 Copyright © 2006, PayPal Inc., All rights reserved. Designated trademarks and brands are the property of their respective owners.
Protect Your Account Info
Make sure you never provide your password to fraudulent websites.

To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal login page (http://paypal.com/) to be sure you are on the real PayPal site.

PayPal will never ask you to enter your password in an email.

For more information on protecting yourself from fraud, please review our Security Tips at https://www.paypal.com/us/securitytips
Protect Your Password
You should never give your PayPal password to anyone.

*******







