Customer Scammed by Phishing
A website posing to be Paypal was able to obtain credit card and paypal information from a customer this week by a hacker using the popular method of social engineering called Phishing. Phishing in a nutshell is the process a hacker uses to con a user into giving their bank, credit card, paypal account and other sensitive information to them by setting up a website or sending an email that looks very similar to a legit one.
In this case my customer was sent an email from Paypal. He had just setup a Paypal account a few days earlier and this email prompted him to log onto the Paypal site and verify his information. He clicked on the link in the email which took him to a website that looked identical to Paypal. After entering his name and password he was taken to a screen to enter his credit card information. After he entered all this information he was taken to a legit Paypal page which displayed an error message.
Something didn’t seem right to him at this point and he contacted me. Once we investigated the email it was determined that this was a fake Paypal website. Our next step was to contact Paypal and the credit card company and report the problem. Luckily both his credit card and paypal account had not been accessed by the hacker. We changed his password and other security information in his Paypal account and his credit card was reported stolen and cancelled.
In this case our customer was lucky. Aside from time lost, and the fact he won’t be able to use his credit card for a few days until the new one arrives, he didn’t loose anything.
Please take the time to educate yourself about internet scams. Never submit personal information to anyone via email. Paypal and other websites which may ask for personal and secure information will never do so via email. These sites also have articles which will assist you in spotting fake emails from them. Below are a few links to some of these articles:
- Author: Brian
- Posted on: Tuesday November 1, 2005
- Under: Tech-Advice