July 02, 2006PayPal Phisher Using the Bogus Charge (Again)
It's a tactic I've seen often. Only the names change to protect the guilty.
Today's PayPal phishing message claims to be a confirmation of a payment made from your account in the amount of $474.99 for a Nokia Cell Phone to LWPELECTRONICS. The shipping address is to somewhere in Maine, an address that seems familiar to me from previous similar pitches for Sony products.
The claim ends with this kind of thing:
If you haven't authorized this charge, click the link below to cancel the payment and get a full refund.
The link takes you not to PayPal, but to a hijacked server in South Korea that displays a PayPal login lookalike page. No, it's not hosted at bora.net, but the owners haven't done anything about it for the last 18 hours. Sadly, par for the course.
If you ever get one of these things and still wonder if there is a charge on your PayPal account, log into your account the normal way—not by clicking the link in the email—and check your account history. You'll find no such activity in your account to dispute.Posted on July 02, 2006 at 08:05 PM