dank
09-11-2002, 11:49 PM
I haven't looked around to confirm if this is indeed a scam, a la the "PayPaI" of awhile back, but it looks very fishy. I just got an email sent to my PayPal account address saying they had a system failure today and had to take the faulty computer offline. Some data was lost, but no account balances affected (how would they know that?). Please log in and confirm everything is ok, yadda, yadda, yadda...
Where things caught my attention is the link you are taken to when clicked upon is different from the one shown in the email (it's HTML-ified). What you are shown:
https://www.paypal.com/cgi-bin/webscr/?cmd=_login-run
what the link truly is, as embedded in the email:
http://www.paypalsys.com/cgibin/webscr/?cmd=_login-run
It looks like PayPal ... but that's not really their site, is it? If it isn't, the goofballs forgot to change all the links over to their fake site... Also, the form element on the page stays on paypalsys.com:
<FORM ACTION = "?email=" METHOD = "POST">
Looks sketchy... How many account logins do you suppose they'll collect from unsuspecting folk? :( I imagine reporting this to PayPal would be a good thing, although they most likely already know about it.
Dan
Where things caught my attention is the link you are taken to when clicked upon is different from the one shown in the email (it's HTML-ified). What you are shown:
https://www.paypal.com/cgi-bin/webscr/?cmd=_login-run
what the link truly is, as embedded in the email:
http://www.paypalsys.com/cgibin/webscr/?cmd=_login-run
It looks like PayPal ... but that's not really their site, is it? If it isn't, the goofballs forgot to change all the links over to their fake site... Also, the form element on the page stays on paypalsys.com:
<FORM ACTION = "?email=" METHOD = "POST">
Looks sketchy... How many account logins do you suppose they'll collect from unsuspecting folk? :( I imagine reporting this to PayPal would be a good thing, although they most likely already know about it.
Dan