|
|
how to collect credit card numbers with PINs Sunday, August 10 2003
Today was the Sunday I discovered that there are no hardware stores open on Sunday in Saugerties. I desperately needed some romex clamps, but the closest I came to obtaining some was at one of those liquidator places that stays open on Sundays. The liquidators (who had set up shop in a beautiful old 19th Century factory - had some things that were pretty close to romex clamps - they had spools of romex wire, electrical tape, and even pipe clamps) but they didn't have what I'd come for. Neither did the mirror-façaded Price Chopper, the ugliest structure within walking distance of downtown Saugerties. It turned out to be nothing more than a supersized grocery store, the sort building codes should strictly prohibit.
The following content appeared today in my inbox as an HTML email message:
Dear PayPal Customer |
This e-mail is the notification of recent innovations taken by PayPal to detect inactive customers and non-functioning mailboxes.
The inactive customers are subject to restriction and removal in the next
3 months.
Please confirm your email address and credit card information by logging in to your PayPal account
using the form below: |
This notification expires September 31, 2003
|
Thanks for using PayPal!
|
|
Superficially, I was fooled into thinking this actually was a message from PayPal. It looked like other PayPal emails I've received, but what was this about asking me for my credit card number and PIN number? That seemed pretty suspicious. So I did a "view source" to see where the form intended to send my data. This is where:
http://www.paypal.com@pitstylehomepage.port5.com/000pp.php
Notice the use of an "@" in the URL. That's an old spammer trick to hide the true form's target, the part that follows the @. If I were to type my info into that form and hit "Log In," the information would go to pitstylehomepage.port5.com/000pp.php. As far as I can tell, port5.com is a free webpage provider, sort of like Geocities. Imagine someone filling that form out and sending their information to an anonymous web account! I'll bet a sizable fraction of the people receiving this email did just that. It only takes one or two to make the sending of this "social hack" spam an extremely valuable endeavor.
For linking purposes this article's URL is: http://asecular.com/blog.php?030810 feedback previous | next |