| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: partysan_FFF at gmx.net (partysan_FFF@....net) Subject: Would you trust these Emails (EBAY & PAYPAL) HD> Hi, HD> i've received these two emails, and i dont know why.... HD> What do you think about this? HD> regards, HD> Harald Dumdey HD> --------------------------------------------------------- HD> The EBAY-Mail was sent by in-187-185.dhcp-149-166.iupui.edu HD> WHOIS-Output HD> Search results for: 149.166.187.185 HD> OrgName: Indiana University-Purdue University at Indianapolis HD> OrgID: IUUAI HD> Address: University Information Technology Services HD> Address: ET 012 HD> Address: 799 West Michigan Street HD> City: Indianapolis HD> StateProv: IN HD> PostalCode: 46202 HD> Country: US HD> NetRange: 149.166.0.0 - 149.166.255.255 HD> CIDR: 149.166.0.0/16 HD> NetName: IUPUI-NET2 HD> NetHandle: NET-149-166-0-0-1 HD> Parent: NET-149-0-0-0-0 HD> NetType: Direct Assignment HD> NameServer: DNS1.IU.EDU HD> NameServer: DNS2.IU.EDU HD> Comment: HD> RegDate: 1991-05-06 HD> Updated: 2003-12-22 HD> TechHandle: ON6-ORG-ARIN HD> TechName: INDIANA UNIVERSITY COMPUTING SERVICES HD> TechPhone: +1-317-274-7788 HD> TechEmail: oitnoc@...ui.edu HD> OrgTechHandle: DBE43-ARIN HD> OrgTechName: Beals, Damon HD> OrgTechPhone: +1-317-274-7946 HD> OrgTechEmail: dbeals@...ui.edu HD> OrgTechHandle: DNSAD60-ARIN HD> OrgTechName: DNS Administrator HD> OrgTechPhone: +1-317-274-0707 HD> OrgTechEmail: dns-admin@...ui.edu HD> # ARIN WHOIS database, last updated 2004-02-20 19:15 HD> # Enter ? for additional hints on searching ARIN's WHOIS database. HD> The PAYPAL-Email shows a link to 210.78.22.113 HD> WHOIS-Output HD> % [whois.apnic.net node-1] HD> % Whois data copyright terms HD> http://www.apnic.net/db/dbcopyright.html HD> inetnum: 210.78.22.64 - 210.78.22.128 HD> netname: SHJITONG-CN HD> descr: JiTong Shanghai Communications Co.,Ltd HD> country: CN HD> admin-c: ZQ15-AP HD> tech-c: ZQ15-AP HD> mnt-by: MAINT-CHINAGBN-AP HD> changed: kevin@...com.cn 19990826 HD> status: ASSIGNED NON-PORTABLE HD> source: APNIC HD> changed: hm-changed@...ic.net 20020827 HD> person: Zhongbao Qian HD> address: Room 1001,Lekai Builing,Shangcheng Road, HD> address: Pudong Xin district,Shanghai HD> country: CN HD> phone: +86-021-58313170 HD> fax-no: +86-021-58312630 HD> nic-hdl: ZQ15-AP HD> mnt-by: MAINT-CHINAGBN-AP HD> changed: kevin@...com.cn 19990826 HD> source: APNIC Hi, the site looks exactly like the site at www.paypal.com, however, there is no verify.html at the "real" paypal site. This smells very much like a scam to get people's billing information. Also, note that the "help" (and all other) buttons are linked to www.paypal.com,not the site from the email. You can report this to paypal (They actually have a "suspicios email" Category) here: http://www.paypal.com/cgi-bin/webscr?cmd=_contact-general. I strongly advise against filling out those forms, and to contact the paypal people.
Powered by blists - more mailing lists