republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Spam, Scam and Phishbusters » PayPal.com phish scam, help me!
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Phish Tracker ·Anti-Phishing Work Group ·Avoid Phishing
[Spam] when someone fakes your email address to spam »
« Played Along With Craigs List  
AuthorAll Replies

garys_2k

join:2004-05-07
Farmington, MI
·Future Nine Corpor..
·Vonage

1 edit		reply to ScamHelpPlease
Re: PayPal.com phish scam, help me!

Yep, likely your hosts file got changed by the phish. You may have more malware, too.

Anyway, paypal's IP is »66.211.168.193 -- use that. It should redirect you to their https site.

ETA, from their website:

PayPal Customer Service:

1-402-935-2050
(a U.S. telephone number)

4:00 AM PST to 10:00 PM PST Monday through Friday
6:00 AM PST to 8:00 PM PST Saturday and Sunday
to forum · permalink · · 2009-01-10 23:21:29 · Reply to this


ScamHelpPlease

@verizon.net

 Thanks, I'm meticulously checking my system right now. I've checked my hosts file and as many places as I can to see DNS server settings, and they appear to be normal. The only way I could think that they could do this is by modifying DNS settings somewhere. I tried accessing the resolved name you gave, and it still seems to try www.paypal.com. The front page looks legit, but I can't be certain. It looks like their customer service just closed. Hopefully I can get in contact with someone tommorow. If anyone has any ideas, I'm open to them. Could they have hijacked something on the server end?
to forum · permalink · 2009-01-10 23:30:50 · Reply to this

garys_2k

join:2004-05-07
Farmington, MI
·Future Nine Corpor..
·Vonage

1 edit		 Their site looks fine on my end, and the address bar shows the green hilite that means it's cert. confirmed the address.

If you're using Firefox you can right-click on the page you get and select View Page Info, then confirm that the identity in the General tab. With IE, right click and select Properties, then check the Certificates button.

You may have been rootkit'd, start here for checking your machine out: »Security Cleanup FAQ »Mandatory Steps Before Requesting Assistance

ETA: Paypal's server doesn't answer pings. Don't worry about that, the IP is the main thing.
to forum · permalink · · 2009-01-10 23:36:17 · Reply to this


ScamHelpPlease

@verizon.net

 Any idea why the site is all in chinese after logging in?

Here is an image i took of the certificate check in firefox:

»i39.tinypic.com/2gw740i.png

to forum · permalink · 2009-01-10 23:55:53 · Reply to this


TestingReply

@verizon.net		reply to garys_2k
test, I can't seem to reply anymore
to forum · permalink · 2009-01-10 23:55:56 · Reply to this
-
Forums » Up and Running » Security » Spam, Scam and Phishbusters[Spam] when someone fakes your email address to spam »
« Played Along With Craigs List  

Friday, 27-Nov 18:51:35 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.republican-creole
page compression OFF
Most commented news this week
· [119] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [95] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [70] TiVo Sees Record Customer Losses
· [68] In-Flight Internet Headed For Bumpy Landing?
· [60] Thanksgiving Open Thread
· [59] Verizon CEO: Hulu Will Be Dead Soon
· [38] EFF Wages War On Fine Print
· [38] ICANN Slams DNS Redirection
Most people now reading
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Windows 7 boot manager editing questions [Microsoft Help]
· Bell Response to PIPEDA Request [TekSavvy]
· [Newsgroups] Newzleech down? [Filesharing Software]
· [Vista] Why is HD So Full? [Microsoft Help]
· Leveling to 85 [World of Warcraft]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· HOW-TO: QoS and Tomato (fixes "choppy voice") [MagicJack]
· Which GPS? TOMTOM or GARMIN? [General Questions]
· New exploit masquerades as Flash Player upgrade [Security]