Phishing For Dollars

I got an email from PayPal this morning. It was a receipt for a purchase I’d made.

Dear PayPal member,

This email confirms that you have paid MICROBAZAR $175.85 USD using PayPal.

This credit card transaction will appear on your bill as “PAYPAL MICROBAZAR.*”

Thank you for your purchase!

Of course I didn’t make that purchase.

My first reaction was anger.

I read on to see it was for the purchase of a Nokia cellphone and got angrier. That was what was supposed to happen! The sender wanted me to click the link, sign on and lodge a complaint.

Since the destination of the link was this phishing scammer, they would get my username and password. Pretty sneaky, right?

I’m pretty sophisticated about the web, but for at least a few seconds I thought this was real. I also know there are lots of others who never make that connection and click the link, trying to clear their name and giving up their account information instead.

As a sort of public service, I’m putting a copy of the phishing message here, so you can see what I saw that tipped me off.

First, the return address. It looks like it came from a strange domain: jumpy.it, in Italy. Tracing headers, it looks like it really came from Belgium. Bottom line is, all PayPal’s mail comes from paypal.com.

The website you get to after clicking the link is in France, assigned to:

role: AMEN NOC

address: AMEN – Agence des Medias Numeriques

address: 12/14, rond-point des champs elysees

address: 75008 Paris, France

phone: +33 8 92 55 66 77

The second tipoff was the link in the email. It didn’t match what showed up in my status bar. If the status bar is off on your PC, you should go into the view section of your mail program and/or browser and turn it on now.

There should probably be some ‘truthing’ built into browsers and mail programs to discern when what you see is not what you get. Instead, it’s easy to get fooled by a clever phisher who has done a good job of socially engineering his bait.
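The status-bar comparison described above can be automated; here is a sketch of that kind of ‘truthing’ for an HTML message body. It is an added example, not part of the original post: LinkAuditor, audit_links and the sample markup are hypothetical names and constructed data, and it only catches links whose visible text itself looks like a web address.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Visible text that looks like a web address: optional scheme, dotted hostname.
HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

def norm(host):
    """Lower-case a hostname and drop a leading 'www.' so both sides compare."""
    host = (host or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host

def href_host(href):
    """Host an href really points at; '' for relative, mailto: or malformed values."""
    try:
        return norm(urlsplit(href.strip()).hostname)
    except ValueError:
        return ""

class LinkAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.href, self.text, self.findings = None, [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self.href is None:
            return
        shown = "".join(self.text).strip()
        claimed = HOST_RE.search(shown)
        want, target = norm(claimed.group(1)) if claimed else "", href_host(self.href)
        if want and target and target != want and not target.endswith("." + want):
            self.findings.append((shown, target))   # text names one host, link goes to another
        self.href = None

def audit_links(html):
    auditor = LinkAuditor()
    auditor.feed(html)
    return auditor.findings

# Constructed sample body; hosts under .test are placeholders, not from the message.
SAMPLE = ('<a href="http://login.example.test/">https://www.paypal.com/</a>'
          '<a href="https://www.paypal.com/help">paypal.com</a>')
```

Calling audit_links(SAMPLE) reports only the first link, whose text shows paypal.com while the href leads to a different host.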

Is the phony PayPal site you’re sent to a zombified computer? Possibly. Did the thieves wait until it was closing time in France on a Friday afternoon before hatching their plot? Probably.

There was a time you couldn’t walk through Times Square in New York with your family. It was sleazy, scuzzy, unsafe. Over time, that changed. I hope the Internet can be effectively policed as well.