![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
A Phishing Hook
Mar. 8th, 2006 08:57 amLast Monday I was phished. ...unsuccessfully, of course. The hook arrived baited with a false receipt from PayPal. …for a full set of Golf Clubs to be shipped to an address in California. It addressed me by name and looked all official.
I didn’t see the receipt at first. Norton stopped it from display. All I saw was an email that looked as if it came from service [at] paypal.com. The subject line said “Re: Receipt of Your Payment to ECAP Enterprises, LLC.” But the body only said “Dear Keith Johnson," which was very odd. I started to compose a reply and that’s when the receipt appeared.
I did all the right things. I signed onto my paypal account and looked for the transaction. It didn’t exist of course. Then I contacted Paypal via a land line. They assured me that no transaction had taken place, though I already knew that. They grilled me, repeatedly, to make sure I hadn’t sent any information to the phisherman. Then they asked me to forward the email to their spoof[at]paypal.com.
Over all not a big thing, really. The phisherman had my name, which is easily obtainable, and that I had a paypal account. That’s a little harder to find out, but not such a big deal. Probably they just went through some eBay messages and chose at random.
It's still creepy.
I didn’t see the receipt at first. Norton stopped it from display. All I saw was an email that looked as if it came from service [at] paypal.com. The subject line said “Re: Receipt of Your Payment to ECAP Enterprises, LLC.” But the body only said “Dear Keith Johnson," which was very odd. I started to compose a reply and that’s when the receipt appeared.
I did all the right things. I signed onto my paypal account and looked for the transaction. It didn’t exist of course. Then I contacted Paypal via a land line. They assured me that no transaction had taken place, though I already knew that. They grilled me, repeatedly, to make sure I hadn’t sent any information to the phisherman. Then they asked me to forward the email to their spoof[at]paypal.com.
Over all not a big thing, really. The phisherman had my name, which is easily obtainable, and that I had a paypal account. That’s a little harder to find out, but not such a big deal. Probably they just went through some eBay messages and chose at random.
It's still creepy.
