Tuesday, October 24, 2006

beware the identity phishers

I received an email last night that was supposedly from paypal. Oddly enough, it wasn't to my primary email account, but to an older account I had never used with paypal. But for that they might have got me. It's pretty slick looking, but it still had a flaw that gave it away. Here's the email the way it appeared in Thunderbird (click for larger view):

Note that moving the cursor arrow over the link makes the destination url appear at the bottom of the screen. The first part of the hidden url has a Portugese url suffix! I checked with paypal, they don't HAVE a paypal localized site in Portugal.

Had I fallen for their ruse, I'd have been directed to a fake paypal site, where I'd reveal my paypal password when I attempted to login. Here's a lesson, stricter Judges and longer prison sentences keep these dickwads off the stre- er, I mean, never ever goto paypal without typing in the url yourself!.

Here's a legitimate email from paypal. They didn't even use their own logo in this instance.


When I think of people stealing from me, I feel deep rumblings of rage, burried under a lifetime of self control and learned civilized behavior. If I were an uncivilized barbarian, I'd have their guts perforated with a rusty pitchfork.


1 comment:

R2K said...

: )