PayPal Scams and Bulgarian "New York Style" Bagel Crisps
I get these (the PayPal scams, not the Bagel Crisps) relatively frequently (as most of us do) and I've developed a quick and very efficient technique to help thwart these bastards. which I'd like to share:
1) First, understand how to identify a Paypal scam email. You can do that by visiting here. The most important thing to understand is that you can make a hyperlink say anything you want. It's the underlying URL that's important. In most email clients, if you mouse over the link, you'l get a tooltip that shows you the real link URL. If it is anything else except "https://www.paypal.com/cgi-bin/webscr/?cmd=_login-run ", then you can BET its a scam.
2) Do a whois lookup on the domain of the target url. This usually only takes a minute. Now you know who the domain is registered to. This is usually, but not always, the perpetrator. In many cases, you can actually get their name, address, and contact email!
3) At this point, what I usually do is trace back to the nameservers or do a Tracert (DOS COMMAND: Tracert www.badguy.com ) to find out where its landing. The last entry in the traceroute list before the actual target IP Is usually the domain of the hosting company.
4) Then, i forward the spam email to abuse@thehostingcompany.com with a note that they are hosting a Paypal scammer and they better FIX IT. Usually, if they are reputable, they will put the guy out of business within FIVE MINUTES. I just did one to somebody from menage-paypal.com that turned out to be hosted in Poland, and I got a thank you reply within minutes.
5) you can of course forward the errant email (preferably with the full email headers) to spoof@paypal.com. However, they are pretty overloaded, so a little vigilante-ism as above can certainly help!
If more people do what I describe above, or similar actions, we can all help to make it very unprofitable for the spammers to even try anymore.
The moral of the story is:
Everything is not always what it seems, so be aware. There really are people out there who want to hurt you, and they DO NOT CARE! So, instead of being fearful, what you need to do is take steps to PROTECT YOUR ASS. I just looked at the side of my bag of "New York Style" Bagel Crisps. They're made in BULGARIA. That's doesn't "rip me off", but it's an example. You gotta understand something: These spammers and scammers are just like terrorists. You DON'T NEGOTIATE with these manaics. You dont "hope" that they will go away. What you do is you GO AFTER THEM, wherever they are, and YOU PUT THEM OUT OF BUSINESS. Period!
1) First, understand how to identify a Paypal scam email. You can do that by visiting here. The most important thing to understand is that you can make a hyperlink say anything you want. It's the underlying URL that's important. In most email clients, if you mouse over the link, you'l get a tooltip that shows you the real link URL. If it is anything else except "https://www.paypal.com/cgi-bin/webscr/?cmd=_login-run ", then you can BET its a scam.
2) Do a whois lookup on the domain of the target url. This usually only takes a minute. Now you know who the domain is registered to. This is usually, but not always, the perpetrator. In many cases, you can actually get their name, address, and contact email!
3) At this point, what I usually do is trace back to the nameservers or do a Tracert (DOS COMMAND: Tracert www.badguy.com ) to find out where its landing. The last entry in the traceroute list before the actual target IP Is usually the domain of the hosting company.
4) Then, i forward the spam email to abuse@thehostingcompany.com with a note that they are hosting a Paypal scammer and they better FIX IT. Usually, if they are reputable, they will put the guy out of business within FIVE MINUTES. I just did one to somebody from menage-paypal.com that turned out to be hosted in Poland, and I got a thank you reply within minutes.
5) you can of course forward the errant email (preferably with the full email headers) to spoof@paypal.com. However, they are pretty overloaded, so a little vigilante-ism as above can certainly help!
If more people do what I describe above, or similar actions, we can all help to make it very unprofitable for the spammers to even try anymore.
The moral of the story is:
Everything is not always what it seems, so be aware. There really are people out there who want to hurt you, and they DO NOT CARE! So, instead of being fearful, what you need to do is take steps to PROTECT YOUR ASS. I just looked at the side of my bag of "New York Style" Bagel Crisps. They're made in BULGARIA. That's doesn't "rip me off", but it's an example. You gotta understand something: These spammers and scammers are just like terrorists. You DON'T NEGOTIATE with these manaics. You dont "hope" that they will go away. What you do is you GO AFTER THEM, wherever they are, and YOU PUT THEM OUT OF BUSINESS. Period!
What do u have against Bulgaria ???
ReplyDeleteNothing. They could have chosen to call them Bulgarian Style Bagel Crisps, you know.
ReplyDeleteThanks for the good advice. I get these "scam" e-mails all the time, and I keep them in a "Scams" folder in my e-mail for future reference. I wonder if anyone is ever prosecuted for these?
ReplyDeleteAlso, in the USA, forward phishing email (with full headers and the actual website the embedded link directs you to)to reportphishing@antiphishing.org . The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.
ReplyDeleteAnd forward the same copy to spam@uce.gov.