lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <19082319531.20040221132026@gmx.net>
From: partysan_FFF at gmx.net (partysan_FFF@....net)
Subject: Would you trust these Emails (EBAY & PAYPAL)

HD> Hi,

HD> i've received these two emails, and i dont know why....

HD> What do you think about this?

HD> regards,

HD> Harald Dumdey

HD> ---------------------------------------------------------

HD> The EBAY-Mail was sent by in-187-185.dhcp-149-166.iupui.edu

HD> WHOIS-Output

HD>    Search results for: 149.166.187.185


HD> OrgName:    Indiana University-Purdue University at Indianapolis
HD> OrgID:      IUUAI
HD> Address:    University Information Technology Services
HD> Address:    ET 012
HD> Address:    799 West Michigan Street
HD> City:       Indianapolis
HD> StateProv:  IN
HD> PostalCode: 46202
HD> Country:    US

HD> NetRange:   149.166.0.0 - 149.166.255.255
HD> CIDR:       149.166.0.0/16
HD> NetName:    IUPUI-NET2
HD> NetHandle:  NET-149-166-0-0-1
HD> Parent:     NET-149-0-0-0-0
HD> NetType:    Direct Assignment
HD> NameServer: DNS1.IU.EDU
HD> NameServer: DNS2.IU.EDU
HD> Comment:
HD> RegDate:    1991-05-06
HD> Updated:    2003-12-22

HD> TechHandle: ON6-ORG-ARIN
HD> TechName:   INDIANA UNIVERSITY COMPUTING SERVICES
HD> TechPhone:  +1-317-274-7788
HD> TechEmail:  oitnoc@...ui.edu

HD> OrgTechHandle: DBE43-ARIN
HD> OrgTechName:   Beals, Damon
HD> OrgTechPhone:  +1-317-274-7946
HD> OrgTechEmail:  dbeals@...ui.edu

HD> OrgTechHandle: DNSAD60-ARIN
HD> OrgTechName:   DNS Administrator
HD> OrgTechPhone:  +1-317-274-0707
HD> OrgTechEmail:  dns-admin@...ui.edu

HD> # ARIN WHOIS database, last updated 2004-02-20 19:15
HD> # Enter ? for additional hints on searching ARIN's WHOIS database.



HD> The PAYPAL-Email shows a link to 210.78.22.113

HD> WHOIS-Output

HD> % [whois.apnic.net node-1]
HD> % Whois data copyright terms   
HD> http://www.apnic.net/db/dbcopyright.html

HD> inetnum:      210.78.22.64 - 210.78.22.128
HD> netname:      SHJITONG-CN
HD> descr:        JiTong Shanghai Communications Co.,Ltd
HD> country:      CN
HD> admin-c:      ZQ15-AP
HD> tech-c:       ZQ15-AP
HD> mnt-by:       MAINT-CHINAGBN-AP
HD> changed:      kevin@...com.cn 19990826
HD> status:          ASSIGNED NON-PORTABLE
HD> source:       APNIC
HD> changed:      hm-changed@...ic.net  20020827

HD> person:       Zhongbao Qian
HD> address:      Room 1001,Lekai Builing,Shangcheng Road,
HD> address:      Pudong Xin district,Shanghai
HD> country:      CN
HD> phone:        +86-021-58313170
HD> fax-no:       +86-021-58312630
HD> nic-hdl:      ZQ15-AP
HD> mnt-by:       MAINT-CHINAGBN-AP
HD> changed:      kevin@...com.cn 19990826
HD> source:       APNIC


Hi,
the site looks exactly like the site at www.paypal.com, however, there
is no verify.html at the "real" paypal site.  This smells very much
like a scam to get people's billing information.  Also, note that
the "help" (and all other) buttons are linked to www.paypal.com,not
the site from the email.

You can report this to paypal (They actually have a "suspicios email"
Category) here:
http://www.paypal.com/cgi-bin/webscr?cmd=_contact-general.

I strongly advise against filling out those forms, and to contact the
paypal people.




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ