For those that get "Paypal" and "Ebay" emails

[KingOtter]

[ QUOTE ]
This has been posted several times here but I am going to post on the subject again:

I got an email from "Paypal" saying that my account has been compromised and that I need to log in. Well we all know that it is "phishing" so they can get your account and password. I clicked on the link to see the address and it was "http://hometown.aol.de/elisabeth2211/". So it is a complete fake and worse the hacker is lazy. Can't even at least try to make the address look like paypal. These guys are scum.

[/ QUOTE ]

I send them to spoof@ebay.com and spoof@paypal.com.

I always get the same annoying canned answer back, but I like to think somehow somewhere they're being tracked down.

KO

[Ro-me-ro]

-----Original Message-----
From: abuse@megamailservers.com [mailto:abuse@megamailservers.com]
Sent: Wednesday, September 14, 2005 5:02 PM

Subject: Re: FW: Phishing site needs to be removed

Hello,

The specified site (http://hometown.aol.de/elisabeth2211/) is not actually hosted by us; however, it was redirecting traffic to a phishing site on our system.
The domain on our system has been terminated for violating our TOS.

We thank you for your assistance with this matter.

Regards,

Alex R.
abuse@megamailservers.com

DNS Admin wrote:

>
>
>
>
> ------------------------------------------------------------------------
>
> *From:* Ellis Romero
> *Sent:* Wednesday, September 14, 2005 8:59 AM
> *To:* support@internetnamesforbusiness.com
> *Cc:* spoof@paypal.com
> *Subject:* Phishing site needs to be removed
>
>
>
> Hello Sirs,
>
>
>
> The following site http://hometown.aol.de/elisabeth2211/
> (216.251.31.94) hosted by your ISP needs to be immediately removed and
> the owners contacted with regards to running a PayPal password
> phishing scam. I would expect that you would want to sever yourself
> from any such activity with immediate effect. Please let me know what
> action you take,
>
>
>
> Regards,
>
>
>
> Ellis Romero
>

[Keith Fellmy]

wow I didn't know you could turn them in somewhere (other than ebay or paypal.) Cool. Nice post romero!!!!

[Ro-me-ro]

Basically it was just an email to the ISP of the hosting site. Usually gets the ball rolling quicker than a direct email to Paypal.

Rom

[jedi]

[ QUOTE ]
Basically it was just an email to the ISP of the hosting site. Usually gets the ball rolling quicker than a direct email to Paypal.

Rom

[/ QUOTE ]

Is there anything anyone can do to put these assholes behind bars or fine them or anything? One ISP shuts them down, they'll just do it again.

If you PM me the IPs of the phishers then I could initiate a distributed denial of service attack(DDos) against them. I could knock them offline for at least a day. Let me know what you want to do.

[jman220]

[ QUOTE ]
If you PM me the IPs of the phishers then I could initiate a distributed denial of service attack(DDos) against them. I could knock them offline for at least a day. Let me know what you want to do.

[/ QUOTE ]

Umm... So you admit to maintaining a trojan virus of some sort that controls at least hundreds of computers? You're as bad as the phishers.

[ QUOTE ]
[ QUOTE ]
If you PM me the IPs of the phishers then I could initiate a distributed denial of service attack(DDos) against them. I could knock them offline for at least a day. Let me know what you want to do.

[/ QUOTE ]

Umm... So you admit to maintaining a trojan virus of some sort that controls at least hundreds of computers? You're as bad as the phishers.

[/ QUOTE ]

Okey dokey.

[CORed]

[ QUOTE ]
If you PM me the IPs of the phishers then I could initiate a distributed denial of service attack(DDos) against them. I could knock them offline for at least a day. Let me know what you want to do.

[/ QUOTE ]

Well, it looks like these clowns were using somebody's AOL home page. Although the idea of doing a DDOS against AOL has a certain appeal, it would be likely to get you in trouble. Possibly the phishers were dumb enough to use their on AOL account, but more likely they hacked somebody else's account. One time I found a phishing web site was hosted on a machine whose web root looked to be the web site for a Chinese electronics store. I also found that the server in question had an open telnet connection, which leads me to believe that the phishers simply scanned for an open telnet connection, hacked in and put their web site there. I find that very often, by the time I see a phishing email, the site that it links to has already been taken down. I think they usually use a server that they have hacked into, rather than uaing one that they own or paying someody to host it. It's much harder to trace the responsible parties that way.

[TobDog]

I have gotten a few of these to my gmail account, which ironically is not used with my ebay/paypal accounts, they are listed in the spam section, and when you open them, the gmail client has a big red warning at the top stating that this email is/may be not from the original stated sender, which I think is great and would fix many of the problems of people entering in the info thinking it is real.

tobdog