lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: rms at computerbytesman.com (Richard M. Smith)
Subject: Paypal scam uses Korean school Web server

Hi,

Some criminal type has apparently broken into a Web server belonging to
an elementary school in Korea and has set up a CGI script to collect
people's credit card and bank account information.  To get people to
supply this private information, the scammer has been sending out the
attached spam email message which gives the impression it is from the
PayPal billing department.

The CGI script is located at this URL:

   http://211.34.252.132/secure/PayPalSecurity

The IP address 211.34.252.132 is owned by:

   Haengjoo Kim
   Hajang Elemantary School
   76-1 Goangdong-Ri Hajang-Mayn Samchok-Si
   KANGWON
   +82-33-552-0034
   kngreung@...ack.kornet.net

If someone on this list speaks Korean, can they please let the folks at
Hajang Elementary School that there is a problem and that the scam needs
to be shutdown ASAP.

Richard M. Smith
http://www.ComputerBytesMan.com

Return-Path: <security@...pal.com>
Delivered-To: rms2000-computerbytesman:com-rms@...puterbytesman.com
X-Envelope-To: rms@...puterbytesman.com
Received: (qmail 84944 invoked from network); 19 Apr 2003 18:23:15 -0000
Received: from adsl-64-109-171-17.dsl.chcgil.ameritech.net (HELO
linux8b.local.7188.us) (64.109.171.17)
  by siyazi.pair.com with SMTP; 19 Apr 2003 18:23:15 -0000
Received: from localhost (linux8b.local.7188.us [127.0.0.1])
	by linux8b.local.7188.us (8.12.8/8.12.8) with SMTP id
h3JIXIwD008939
	for <rms@...puterbytesman.com>; Sat, 19 Apr 2003 13:33:25 -0500
Message-Id: <200304191833.h3JIXIwD008939@...ux8b.local.7188.us>
From: <security@...pal.com>
To: <rms@...puterbytesman.com>
Subject: PayPal Security check
Date: Sat, 19 Apr 2003 13:33:18 -0500
X-Mailer: sendEmail-1.40
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Dear valued PayPal member,

It has come to our attention that your eBay Billing Information records
are out of date. That requires you to update the Billing Information If
you could please take 5-10 minutes out of your online experience and
update your billing records, you will not run into any future problems
with eBay's online service. However, failure to update your records will
result in account termination. Please update your records in maximum 24
hours.

Once you have updated your account records, your eBay session will not
be interrupted and will continue as normal. Failure to update will
result in cancellation of service, Terms of Service (TOS) violations or
future billing problems.

Please click here to update your billing records.

Thank you for your time!
Marry Kimmel,
PayPal Billing Department team.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ