I received a PayPal spoof tonight that was so good it nearly got me - and I’ve been seeing (and reporting) PayPal spoofs for several years now. I just posted it to IMHO because I couldn’t figure a rationale to put it in GQ. Why did I angst over it? Because I want as many people as possible to see it, 'cause I clicked on it without thinking. It was only because my browser didn’t pop my login into the form that I looked at the URL. :eek:
When a person has something they consider really, really serious and feel it needs max exposure on SDMB, what should that person do?
If you have an email system that gives the actual URL when you mouseover a link, always do so first. Always. ALWAYS. Just do it automatically, no matter what.
All the PayPal and eBay emails that look like that are frauds, of course, and after the zillionth one you just automatically send them to spoof@. But if you’re in the habit of doing the mouseover then you won’t get caught even with the first one.
If I felt really defensive about this, I’d go into Eudora and count how many spoofs I’ve forwarded to both PayPal and eBay in the last several years (I’ve been eBaying since 1998, but only using PayPal for 3 or 4 years). Because I tend to be rather suspicious where financial matters are concerned, I take a jaundiced view of anything like that. But that was where these spoofers got me: It is geared to provoke an absolutely spinal reflex in any budget-conscious person. It says, “Your account has been charged for …” It gives circumstantial evidence of all kinds. It tells what the item is, and the price is high enough to freak most of us - $300+. And it gives a name, address and email of the putative seller. And then it says approximately, “If you didn’t do this, you can dispute the charge.” And gives a link to dispute.
As I said before, this is an entirely new order of sophistication in spoofing, the work of a master conman (or woman). And because the webpage the link opens is also a very good facsimile of the PayPal logon page, anyone who doesn’t have their logon saved to a bookmark/favorite is quite likely to go ahead and fill in the logon. Where they screwed up was in not spoofing a better URL. I’m sure the next version will have fixed that little oversight.
I really, really wish there were a way I could post the body of the message here (it’s a gif). I think you’d be impressed by all the clever psychological manipulation it contains.
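The mouseover check recommended in this thread can also be run mechanically over a saved message. The following is an added example, not part of any post here: it lists every link in an HTML email body whose real destination is not a trusted host, including image-only messages like the one described. The `TRUSTED` set, the function names and the sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"paypal.com", "ebay.com"}  # assumption: domains you actually log in to

class LinkCollector(HTMLParser):
    """Collects [href, visible text, wraps_image] for every <a href=...>."""
    def __init__(self):
        super().__init__()
        self.links, self._cur = [], None
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._cur = [attrs["href"], "", False]
        elif tag == "img" and self._cur is not None:
            self._cur[2] = True          # the clickable area is a picture
    def handle_data(self, data):
        if self._cur is not None:
            self._cur[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._cur is not None:
            self.links.append(self._cur)
            self._cur = None

def is_trusted(href):
    """True only for https links to a trusted domain or one of its subdomains."""
    parts = urlsplit(href)
    host = (parts.hostname or "").lower()   # ignores any user@ prefix in the URL
    return parts.scheme == "https" and any(
        host == d or host.endswith("." + d) for d in TRUSTED)

def audit(html):
    """Return (real host, reason) for each link that fails the check."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for href, text, has_img in collector.links:
        if is_trusted(href):
            continue
        if any(d in text.lower() for d in TRUSTED):
            reason = "text shows trusted domain"
        elif has_img and not text.strip():
            reason = "image-only link"
        else:
            reason = "untrusted host"
        findings.append((urlsplit(href).hostname, reason))
    return findings

# Constructed sample message body (not the email discussed in the thread).
SAMPLE = """<a href="https://www.paypal.com.example.net/dispute"><img src="notice.gif"></a>
<a href="https://www.paypal.com/disputes">Resolution Center</a>
<a href="http://198.51.100.7/login">https://www.paypal.com/login</a>"""

if __name__ == "__main__":
    for host, reason in audit(SAMPLE):
        print(f"{host}: {reason}")
```

The first sample link shows why matching on the start of the host name is not enough: the host begins with `www.paypal.com` but belongs to a different domain.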