Identity theft attempt?

Patrick Barnes nman64 at n-man.com
Tue Jan 24 05:54:26 UTC 2006 

David Fletcher wrote:
> I set up an email box specifically for use with this email list just a few 
> days ago.
>
> I submitted some work to the list on Friday that I've not yet had a response 
> to, but what puzzles me is that today I had a genuine email from paypal to 
> the normal address that I set up for use with ebay and paypal, asking me to 
> update my credit card details because it was about to expire.
>
> Also today to the address I set up for this list only, I received two 
> fraudulent emails, claiming to be from paypal and Barclays, both also saying 
> that my card details were about to expire, and both having http links in the 
> email pointing to a server at 202.134.78.92.
>
> Has anybody else had any emails like this? I have not used this address 
> anywhere but with the Documentation list.
>
> Dave Fletcher
>
>   
The arrival of the fraudulent emails and the legitimate email in the
same day are purely coincidence.  That kind of spoofed message is very
common, and you can always safely discard them.  As a precautionary
measure, I generally recommend that people never use links from emails
to visit ecommerce sites.  In many clients, especially web-based ones,
you cannot rely upon any part of the link details (in the status bar or
elsewhere) to be accurate, as there are tricks to disguise the actual
destination.  If you have even an inkling that the message is
fraudulent, you shouldn't even open it.  It will never cause you a
problem if you miss a legitimate email from eBay or PayPal, so you don't
need to worry about missing a potentially legitimate one.  You can
always manually point your web browser to their respective sites to
check in on your account if you feel the need.

There are many, many ways that email harvesters can collect your
addresses.  It is likely that one of your past messages hit a public
archive and the harvesters picked up the email from there.  As far as
the content of the message, this is also likely a coincidence, as that
rouse is one of the more common techniques.  I would only be concerned
if the emails displayed some part of your actual card number.  Think of
it this way: if they already have your information, they don't need to
trick you into giving it to them.  ;-)

If you have any other questions regarding online security or email
fraud, let me know.

-- 
Patrick "The N-Man" Barnes
nman64 at n-man.com

http://www.n-man.com/
-- 
Have I been helpful?  Rate my assistance!  http://rate.affero.net/nman64/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/docs/attachments/20060123/0acd4795/attachment.bin

More information about the docs mailing list