INTERACT FORUM

Please login or register.

Login with username, password and session length
Advanced search  
Pages: 1 2 [3]   Go Down

Author Topic: Fake PayPal Spam Problem  (Read 44667 times)

John Gateley

  • Citizen of the Universe
  • *****
  • Posts: 4957
  • Nice haircut
Re:Fake PayPal Spam Problem
« Reply #100 on: January 10, 2004, 01:14:50 am »

Hi Y'all,

CCs are very safe. If there were any chance of compromise there, you would have heard from us already.

Thanks again for the patience and the calm tone!

j

RhinoBanga

  • Citizen of the Universe
  • *****
  • Posts: 1703
  • Developer
Re:Fake PayPal Spam Problem
« Reply #101 on: January 10, 2004, 02:21:50 am »

Hi Y'all,

CCs are very safe. If there were any chance of compromise there, you would have heard from us already.

Thanks again for the patience and the calm tone!

j



What information did they get?

Names and addresses?
Logged

graham131

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 345
  • Yadb (get it?) dabba do.....
Re:Fake PayPal Spam Problem
« Reply #102 on: January 10, 2004, 07:41:31 am »

Hi Guys,

Sorry only just read all of this.  I got 1 too, immediately reported it to spoof@paypal.com.

My domain is a uk one, @btconnect.com

Cheers

Graham
Logged

Chasoscar

  • Regular Member
  • World Citizen
  • ***
  • Posts: 141
  • Being is Important......... being important is not
Re:Fake PayPal Spam Problem
« Reply #103 on: January 10, 2004, 12:59:15 pm »

I got it also thru hotmail account. I dont use the IRC chatroom.
Logged

John Gateley

  • Citizen of the Universe
  • *****
  • Posts: 4957
  • Nice haircut
Re:Fake PayPal Spam Problem
« Reply #104 on: January 10, 2004, 01:27:10 pm »

Hi Y'all,

Thanks for the info, we've got enough now.

I saw a few people mention they don't have paypal accounts. The fraud spam is not directed at individuals, they just blast away to whatever e-mail addresses they have, and those who happen to have paypal will sometimes respond. JRiver doesn't have ANY info on your paypal account, we don't accept paypal.

j

RhinoBanga

  • Citizen of the Universe
  • *****
  • Posts: 1703
  • Developer
Re:Fake PayPal Spam Problem
« Reply #105 on: January 10, 2004, 01:35:20 pm »

John,

As I asked before ... what information did they get?

Just our email addresses or more?
Logged

jleerigby

  • Guest
Re:Fake PayPal Spam Problem
« Reply #106 on: January 10, 2004, 01:39:38 pm »

Quote
Even if they were (and I like you sincerely hope not) it's not your problem.  It's the banks problem provided you have not been reckless and have conformed with the terms and conditions of the card.
True of you have a credit card... Of course many people hav VISA (of MC / AMEX) debit cards and in the UK a debit card does not have the same protections as a credit card and the money is out of your account before you have a chance to correct it.. Instead of the security of VISA witholding the merchants money (usually 90 days with VISA merchants) the bank faces an actual money loss and is therefore MUCH tougher about paying back funds.  Moral is use a credit card instead of a debit card every time...

For those with SPAM issues I strongly recomend Cloudmarks Spamnet... I have my email public all over forums and get a >10:1 spam ratio but its not a problem as spamnet gets 99% of it and cleans it all out for me to a SPAM folder... The community reporting method works great.

The principle remains the same whether it's credit or debit card.  If the retailer cannot provide your signature or other proof that you initiated the transaction for a purchase of goods/service and you have not done anything silly or fraudulent then you will get a refund.  I take your point though that the ease with which you get your refund will vary depending on the attitude of the representative of your bank.

(I work for a very large global bank based in the UK.)
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72380
  • Where did I put my teeth?
Re:Fake PayPal Spam Problem
« Reply #107 on: January 10, 2004, 01:57:35 pm »

email addresses were the only problem.

This was reported above.
Logged

sraymond

  • Guest
Re:Fake PayPal Spam Problem
« Reply #108 on: January 10, 2004, 02:06:07 pm »

email addresses were the only problem.

This was reported above.

Is it possible to change the e-mail address associated with INTERACT?

I'm sure it'll never happen again, but I'd really like to keep my "e-mail for life" account safe-as-can-be.

Scott-
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72380
  • Where did I put my teeth?
Re:Fake PayPal Spam Problem
« Reply #109 on: January 10, 2004, 02:07:53 pm »

You can modify your profile.
Logged

RhinoBanga

  • Citizen of the Universe
  • *****
  • Posts: 1703
  • Developer
Re:Fake PayPal Spam Problem
« Reply #110 on: January 10, 2004, 02:42:29 pm »

email addresses were the only problem.

This was reported above.

Where?

On this page or on pages 1 or two?

I couldn't see it hence the question.
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72380
  • Where did I put my teeth?
Re:Fake PayPal Spam Problem
« Reply #111 on: January 10, 2004, 02:56:44 pm »

Jamie,
For security reasons, I would prefer to minimize discussion of any detail.  I hope you'll understand.

Jim

We now believe that the database was accessed from the outside.  It exists on a machine that is outside our firewall  (it has to be).  The only thing on it that would affect you is the e-mail address database.
Logged

dpbeatley

  • Regular Member
  • Junior Woodchuck
  • **
  • Posts: 50
Re:Fake PayPal Spam Problem
« Reply #112 on: January 10, 2004, 08:21:01 pm »

Got 2 emails from the fake PayPal scam. Headers were identical for both so I'm including only one: (personal info x'ed out)
========================

Status:  U
Return-Path: <verification@paypal.com>
Received: from mail.epost.de ([193.28.100.164])
   by james.mail.atl.earthlink.net (EarthLink SMTP Server) with ESMTP id 1aEEq4J83Nl3r10
   for <xxxxxxx@mindspring.com>; Thu, 8 Jan 2004 12:58:07 -0500 (EST)
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as nathaly@epost.de)
        id 3FFBD47C0003A462 for xxxxxxxx@mindspring.com; Thu, 8 Jan 2004 18:58:07 +0100
Date: Thu, 8 Jan 2004 18:58:07 +0100 (added by postmaster@mail.epost.de)
Message-ID: <3FFBD47C0003A462@PPD27101.x.de> (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>
X-Mailer: PayPal Mailer
Reply-To: "PayPal" <verification@paypal.com>
To: xxxxxxx@mindspring.com
Subject: Verify your identity
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit<html>
=============================================

BTW all- prior to knowing that JRiver may be the source, I notified PayPal and sent them the headers as well.

Hang the bastard!
Dennis
Logged

Sam

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 300
Re:Fake PayPal Spam Problem
« Reply #113 on: January 10, 2004, 09:11:35 pm »

After the PayPal email, I changed the email address in my profile and my megaskin (I think they're separate) to a new "temporary" address that I just created.  I just got a new PayPal email to that address today!
Logged

Griff

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 710
Re:Fake PayPal Spam Problem
« Reply #114 on: January 10, 2004, 09:23:21 pm »

Well when this stuff happen , I sent it to Ebay.

They were out of two people who had the private addr., the only other one  that I could assume their database was compromised.
Logged

pbreet

  • Regular Member
  • World Citizen
  • ***
  • Posts: 160
  • nothing more to say...
Re:Fake PayPal Spam Problem
« Reply #115 on: January 10, 2004, 10:27:56 pm »

I've received two of the paypal emails, I was not sure till now they were spam, but I always delete stuff like that, so I simply deleted them.  My mother says I'm too paranoid....
Logged

antolod

  • Regular Member
  • Recent member
  • *
  • Posts: 37
  • nothing more to say...
Re:Fake PayPal Spam Problem
« Reply #116 on: January 10, 2004, 10:42:49 pm »

I got one too.  But my email is used for several forums friends/family.  @insightbb.com and I've had relatively little spam, mostly junk email from manufacturers or vendors I have done business with.  I won't bother posting the header, since John said he has enought info, but it was the epost.de one.
Logged
Kevin
- - - - - - - - - - - - - - - - - - - - - - - - - - -
iPod 30gig
WinXP/ P4 2gig
Media Center 11.0.changes daily - 8040 files so far...

paulr

  • Regular Member
  • Citizen of the Universe
  • *****
  • Posts: 527
  • nothing more to say...
Re:Fake PayPal Spam Problem
« Reply #117 on: January 10, 2004, 10:55:48 pm »

I received one of these "paypal" scam emails as well just today.  In Outlook/IE it was almost impossible to tell it was faked.

I *just* paid for MC10 as well.

Email domain is sbcglobal.net

Header:

X-Apparently-To: xxxxx@sbcglobal.net via web80407.mail.yahoo.com; Sat, 10 Jan 2004 15:54:56 -0800
X-YahooFilteredBulk: 193.28.100.167
Return-Path: <verification@paypal.com>
Received: from vmb-ext.prodigy.net (207.115.63.87)
  by mta820.mail.sc5.yahoo.com with SMTP; Sat, 10 Jan 2004 15:54:55 -0800
X-Header-Overseas: Mail.from.Overseas.source.193.28.100.167
X-Originating-IP: [193.28.100.167]
Received: from mail.epost.de (mail.epost.de [193.28.100.167] (may be forged))
   by vmb-ext.prodigy.net (8.12.10/8.12.10) with ESMTP id i0ANssCE484674
   for <xxxxx@sbcglobal.net>; Sat, 10 Jan 2004 18:54:54 -0500
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as nathaly@epost.de)
        id 40007E6E0000310A for xxxxx@sbcglobal.net; Sun, 11 Jan 2004 00:54:52 +0100
Date: Sun, 11 Jan 2004 00:54:52 +0100 (added by postmaster@mail.epost.de)
Message-ID: <40007E6E0000310A@PPD27104.x.de> (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>
X-Mailer: PayPal Mailer
Reply-To: "PayPal" <verification@paypal.com>
To: xxxxx@sbcglobal.net
Subject: Verify your identity
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit<html>
X-Text-Classification: personal
Logged

John Gateley

  • Citizen of the Universe
  • *****
  • Posts: 4957
  • Nice haircut
Re:Fake PayPal Spam Problem
« Reply #118 on: January 10, 2004, 11:15:00 pm »

I *just* paid for MC10 as well.

It was sent to your forum address, not to the address you used for payment (even though they may be the same).

Again: purchase data is secure. It's not the same machine, it's not the same location, it's not the same data, and security is a lot tighter on that machine.

On a side note, one of the things that confused me was I had a couple of e-mail addresses in the forum that were unique, and I didn't receive the spam. It arrived today :(

j

Charlemagne 8

  • Citizen of the Universe
  • *****
  • Posts: 1999
Re:Fake PayPal Spam Problem
« Reply #119 on: January 10, 2004, 11:27:37 pm »

It's not just Interact. I have several of those fake's on several different addresses, some of which are on neither Interact or Ebay.
Logged
That's right.
I'm cool.

Griff

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 710
Re:Fake PayPal Spam Problem
« Reply #120 on: January 10, 2004, 11:43:45 pm »

Quote
On a side note, one of the things that confused me was I had a couple of e-mail addresses in the forum that were unique, and I didn't receive the spam. It arrived today

Quote
It's not just Interact. I have several of those fake's on several different addresses, some of which are on neither Interact or Ebay.

So whats in common here?
Logged

John Gateley

  • Citizen of the Universe
  • *****
  • Posts: 4957
  • Nice haircut
Re:Fake PayPal Spam Problem
« Reply #121 on: January 10, 2004, 11:45:17 pm »

It's not just Interact. I have several of those fake's on several different addresses, some of which are on neither Interact or Ebay.

Thanks for reminding me, I've been meaning to say this.

I've been getting the paypal fraud for over a month now, they will use whatever addresses they can find, attained in whatever way they can.

I'm sure they purchase e-mail addresses from other spammers, and now I know they resort to illicit means to get addresses as well. This is probably the "logical next step" to the recent news that spammers and hackers were joining forces to create viruses/trojans that invade computers and then use them to send spam.

If you get the paypal scam, it may or may not be from Interact.

j

scott_r

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 306
Re:Fake PayPal Spam Problem
« Reply #122 on: January 10, 2004, 11:47:13 pm »

YAY! I finally got TWO PayPal emails! I was beginning to feel left out there!

The header is identical to all the others, so I won't bother posting it.

One of the addresses I used to sign up on Interact and purchase MC9, and the other I used to purchase MC10.

EDIT - Deleted a, on second thoughts, foolish comment.

Scott.
Logged

John Gateley

  • Citizen of the Universe
  • *****
  • Posts: 4957
  • Nice haircut
Re:Fake PayPal Spam Problem
« Reply #123 on: January 10, 2004, 11:50:26 pm »

Quote
On a side note, one of the things that confused me was I had a couple of e-mail addresses in the forum that were unique, and I didn't receive the spam. It arrived today

Quote
It's not just Interact. I have several of those fake's on several different addresses, some of which are on neither Interact or Ebay.

So whats in common here?

Nothing, really. I have been receiving the paypal scam for a while. But I didn't receive it at the addresses on the forum until today.

j

Griff

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 710
Re:Fake PayPal Spam Problem
« Reply #124 on: January 11, 2004, 12:52:22 am »

Quote
But I didn't receive it at the addresses on the forum until today.

Thats what bugs me.

i dont think its this place.

But it might be some place we all frequent.

Thats what I meant by in common.
Logged

John Gateley

  • Citizen of the Universe
  • *****
  • Posts: 4957
  • Nice haircut
Re:Fake PayPal Spam Problem
« Reply #125 on: January 11, 2004, 01:00:29 am »

Hi Griff,

They are pulling addresses from multiple places using multiple techniques. They are sending millions of e-mails, not a few hundred or even a few thousand.

j

Omni

  • Regular Member
  • Citizen of the Universe
  • *****
  • Posts: 827
Re:Fake PayPal Spam Problem
« Reply #126 on: January 11, 2004, 01:06:44 am »

Yeah, I finally got hit today as well.  :o  It's a good thing, too, because after three pages of this thread, I was starting to feel a little left out.  ;D
Logged

Zoner

  • Regular Member
  • World Citizen
  • ***
  • Posts: 198
  • nothing more to say...
Re:Fake PayPal Spam Problem
« Reply #127 on: January 11, 2004, 01:53:05 am »

Shouldn't J River send out an email to all email addresses used to register for this forum, warning people about this scam?  I almost clicked on the link, and I'm far from a newbie.  Some forum users *will* lose money because of this scam, and they won't be happy to learn that J River knew about the problem but didn't inform them.
Logged

sraymond

  • Guest
Re:Fake PayPal Spam Problem
« Reply #128 on: January 11, 2004, 02:01:05 am »

Shouldn't J River send out an email to all email addresses used to register for this forum, warning people about this scam?  I almost clicked on the link, and I'm far from a newbie.  Some forum users *will* lose money because of this scam, and they won't be happy to learn that J River knew about the problem but didn't inform them.

Agreed.  Though Darwin might not share our viewpoint!

Scott-
Logged

Uwe

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 321
Re:Fake PayPal Spam Problem
« Reply #129 on: January 11, 2004, 05:14:37 am »

Ok, got two Spam Mails too. Just wondering why they wait so long ?
Uwe
Logged

ph_bradley

  • Regular Member
  • World Citizen
  • ***
  • Posts: 112
  • Shagadelic Baby!!
Re:Fake PayPal Spam Problem
« Reply #130 on: January 11, 2004, 07:27:58 am »

i very much hope that jriver has reported this (as far as I'm concerned) MASSIVE security flaw to YaBB since from readiong this forum it seems clear that somehow they have pooled our adresses for the board's database. I very much hope then, if they can get our addy's, they can't / haven't already got our passwords. I'm sure several less paranoid users than myself will use the same password for more critical services than a message board.
Logged
Welcome to flipmode

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72380
  • Where did I put my teeth?
Re:Fake PayPal Spam Problem
« Reply #131 on: January 11, 2004, 08:19:28 am »

i very much hope that jriver has reported this (as far as I'm concerned) MASSIVE security flaw to YaBB since from reading this forum it seems clear that somehow they have pooled our adresses for the board's database. I very much hope then, if they can get our addy's, they can't / haven't already got our passwords. I'm sure several less paranoid users than myself will use the same password for more critical services than a message board.
For security reasons, we are not yet saying much about what we know.  Please don't assume that you know.  It only adds to the confusion.

Changing passwords is always a good idea.
Logged

salsbst1

  • Regular Member
  • World Citizen
  • ***
  • Posts: 244
Re:Fake PayPal Spam Problem
« Reply #132 on: January 11, 2004, 09:47:15 am »

Please reconsider the reasons that you have your database outside the firewall.  If there are app servers outside your firewall that need access to it, give them static IPs and poke a hole in the firewall.
Logged

LisaRCT

  • Guest
Re:Fake PayPal Spam Problem
« Reply #133 on: January 11, 2004, 10:19:31 am »

Hi Griff,

They are pulling addresses from multiple places using multiple techniques. They are sending millions of e-mails, not a few hundred or even a few thousand.

j


This scam is not new . . .  this has happened several times in the past, but with eBay letters instead of PayPal.
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72380
  • Where did I put my teeth?
Re:Fake PayPal Spam Problem
« Reply #134 on: January 11, 2004, 11:01:30 am »

I'm closing this thread now.  I think everything that can be said has been said several times.

As I've said above, we won't say more right now.
Logged
Pages: 1 2 [3]   Go Up