![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
This morning I get a very well done phishing email in my box for PayPal. It's got a lot of hidden markup with a link that looks like it goes to http://www.paypal.com/cgi-bin/webscr?cmd=_login-run but really goes to "msjertpoortmasurncfhsyuspty.has.it".
A friend of mine is very conscientious and always reports this kind of stuff. I figure I have some time, so I'll do the same. I'm in gmail, so the first bit is easy. Under "more options" there's a "report phishing" link. I don't know why it's a little hidden or doesn't say something like "report fraud", but there it is.
The next step is to tell PayPal proper. No worries, they must have an email address I can just forward this thing to... Well, if they do it's somewhere I couldn't find. I end up fighting a cludgy online form where they want me to cut and paste the text of the mail.
The basic email text will help with a spam filter, but does little to catch the phisher. Being a good geek, I paste the entire text source of the email, complete with routing information.
Well, I can't give them the full text. Something about invalid characters. This is my message.
Having to fill out this form will prevent me from reporting more of these, which is a shame.
Also, your cut and paste did not support the original text, with all the forwarding and HTML spoofing mock up. I would think this would greatly hinder your attempts to solve the problem.
Good luck.
I'm left wondering if they even try to fight the scam they make possible. Is it more effective from their perspective to just pretend to be on top of things? My emailer good deed leaves me more concerned than comforted.
A friend of mine is very conscientious and always reports this kind of stuff. I figure I have some time, so I'll do the same. I'm in gmail, so the first bit is easy. Under "more options" there's a "report phishing" link. I don't know why it's a little hidden or doesn't say something like "report fraud", but there it is.
The next step is to tell PayPal proper. No worries, they must have an email address I can just forward this thing to... Well, if they do it's somewhere I couldn't find. I end up fighting a cludgy online form where they want me to cut and paste the text of the mail.
The basic email text will help with a spam filter, but does little to catch the phisher. Being a good geek, I paste the entire text source of the email, complete with routing information.
Well, I can't give them the full text. Something about invalid characters. This is my message.
Having to fill out this form will prevent me from reporting more of these, which is a shame.
Also, your cut and paste did not support the original text, with all the forwarding and HTML spoofing mock up. I would think this would greatly hinder your attempts to solve the problem.
Good luck.
I'm left wondering if they even try to fight the scam they make possible. Is it more effective from their perspective to just pretend to be on top of things? My emailer good deed leaves me more concerned than comforted.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
From:
no subject
From:
no subject
Have a good day today.
From:
no subject