Geoff Fox – Protector of the Internet

Just a few minutes ago I got a ‘phishing’ email. You know the ones… update your PayPal password before we shut off your account. Of course it’s just a way to ‘phish’ for your data.

DEAR me@geofffox.com

It has come to our attention that your PayPal Billing Information records are

out of date. That requires you to update the Billing Information.

Failure to update your records will result in account termination. Please update

your records within 24 hours. Once you have updated your account records, your

PayPal session will not be interrupted and will continue as normal. Failure to

update will result in cancellation of service, Terms of Service (TOS) violations

or future billing problems.

Please click here to update your billing records.

http://%73%69%74%65%34%2E%61%70%6F%6C%6C%6F%68%6F%73%74%69%6E%67…

The destination address was obscured by breaking it down into its component ASCII numbers instead of using letters. It looks like junk to us, but it’s totally readable by your browser.

Normally, I just delete these, but I’m feeling good tonight and thought I’d break it down. It didn’t take more than a few seconds to find the website, made to look like PayPal, where the data would be dropped.

Normally these are overseas – most often in China or Korea. Not tonight. The address led back to apollohosting.com in Austin, Texas. They have 24/7 tech support on line!

** You are now speaking with Daniel, Technical Support. **

Daniel : Welcome to Technical Support Live Chat ! How can I help you?

Geoff Fox : Look at this url

Geoff Fox : http://site4.apollohosting.com/edwardsgalleries4.com/httpdocs/pp_pp/update.html

A few seconds pause… and then

Daniel : let me log into the server and suspend the account here,

Geoff Fox : Thanks. I thought you might want to know

Daniel : I appreciate this thanks very much

Geoff Fox : Believe me – my pleasure – good night

In the general scheme of things this was like changing deck chairs on the Titanic. Any ‘phisher’ worth his salt has numerous sites, probably paid for with stolen credit cards. At least I did my part.

Blogger’s update – I just retunred to the site a moment ago and it’s still there. Maybe I’m not so smart after all.

Leave a Reply

Your email address will not be published. Required fields are marked *