
eBay & PayPal phishing
Scams target popular institutions

By , About.com Guide

Emails claiming to be from eBay or PayPal try to trick recipients into divulging sensitive financial or personal information. Known as phishing, these scams are used by criminals for credit card fraud and identity theft. Even email worms are used to illicitly gain the desired info. When users open the attachment, or follow a link contained in one of these phishing emails, the information the user enters is then sent to the criminal.

Both eBay and PayPal provide fraud information about these scams on their websites. To view information on or report an eBay phishing scam, visit the eBay Security Center. PayPal provides limited information regarding these scams, but victims can report the fraudulent email at https://www.paypal.com/ewf/f=sa_fake.

Example of Mimail.I email worm message (italics are for emphasis only and are not found in the original message):

    Dear PayPal member,

    PayPal would like to inform you about some important information regarding your PayPal account. This account, which is associated with the email address

    <recipient's email address>

    will be expiring within five business days. We apologize for any inconvenience that this may cause, but this is occurring because all of our customers are required to update their account settings with their personal information.

    We are taking these actions because we are implementing a new security policy on our website to insure everyone's absolute privacy. To avoid any interruption in PayPal services then you will need to run the application that we have sent with this email (see attachment) and follow the instructions. Please do not send your personal information through email, as it will not be as secure.

    IMPORTANT! If you do not update your information with our secure application within the next five business days then we will be forced to deactivate your account and you will not be able to use your PayPal account any longer. It is strongly recommended that you take a few minutes out of your busy day and complete this now.

    DO NOT REPLY TO THIS MESSAGE VIA EMAIL! This mail is sent by an automated message system and the reply will not be received.

    Thank you for using PayPal.

Example of Mimail.P email:

    Dear PayPal.com Member,

    We here at PayPal.com are pleased to announce that we have a special New Year offer for you! If you currently have an account with PayPal then you will be eligible to receive a terrific prize from PayPal.com for the New Year. For a limited time only PayPal is offering to add 10% of the total balance in your PayPal account to your account and all you have to do is register yourself within the next five business days with our application (see attachment)!

    If at this time you do not have a PayPal account of your own you can also register yourself with our secure application and get this great New Year bonus! If you fill out the secure form we have provided PayPal will create an account for you (it's free) and you will receive a confirmation e-mail that your account has been created.

The Mimail.P email then promises the same offer for friends and family who wish to participate. Of course, opening the attachment infects the recipient and spreads the email worm to others. Any information entered into the form is sent to the criminals.

Following is an example of a standard PayPal phishing email:

    Dear PayPal user,

    We recently reviewed your account, and suspect that your PayPal account may have been accessed by an unauthorized third party. Protecting the security of your account and of the PayPal network is our primary concern. Therefore, as a prevention measure, we have temporarely limited access to sensitive PayPal account features. Please click on the link below to confirm your information:

    https://www.paypal.com/fraudcheck/secure/bill.html?sl=070304

    For more information about how to protect your account, please visit PayPal's Security Center, accessible via the "Security Center" link located at the bottom of each page of the PayPal website.

    We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire PayPal system. Thank you for your prompt attention to this matter.

    Sincerely,
    The PayPal Team

The link displayed in the above phishing example actually points to a directory on a Korean website at http://smba.swu.ac.kr. That site also 'hosts' an eBay phishing scam. The criminals appear to be using DynaForm to send any information entered in the form fields to the following email address: vinmails@secureroot.com.

©2009 About.com, a part of The New York Times Company.