lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <405A143E.8090807@ja6.com>
From: maillist at ja6.com (ja6.com)
Subject: Is this a paypal scam?

Hmm, a quick search of ARIN (www.arin.net) and the APNIC (www.apnic.net)
reveals this IP is in CHINA. Unless PayPal is hosting servers in China, I would guess it is a scam.
Also seems kinda suspect that the IP does not have a reverse lookup assigned to it if it is valid.

For example one of Paypal's front end servers is 64.4.231.34 and resolves to www.paypal.com.

I wouldn't send them anything, but thats just me. 


% [whois.apnic.net node-1]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html
*_inetnum_*:      218.62.0.0 - 218.62.127.255
netname:      CNCGROUP-JL
country:      CN
descr:        CNCGROUP jilin province network
admin-c:      CH444-AP <http://www.apnic.net/apnic-bin/whois.pl?searchtext=CH444-AP&form_type=advanced>
tech-c:       WT92-AP <http://www.apnic.net/apnic-bin/whois.pl?searchtext=WT92-AP&form_type=advanced>
status:       ALLOCATED NON-PORTABLE
changed:      abuse@...-noc.net 20031016
mnt-by:       APNIC-HM <http://www.apnic.net/apnic-bin/whois.pl?searchtext=APNIC-HM&form_type=advanced>
mnt-lower:    MAINT-CNCGROUP-JL <http://www.apnic.net/apnic-bin/whois.pl?searchtext=MAINT-CNCGROUP-JL&form_type=advanced>
changed:      hm-changed@...ic.net 20040301
source:       APNIC
*person*:       CNCGroup Hostmaster
_nic-hdl_:      CH444-AP
e-mail:       abuse@...-noc.net
address:      No.156,Fu-Xing-Men-Nei Street,
address:      Beijing,100031,P.R.China
phone:        +86-10-82990775
fax-no:       +86-10-82990885
country:      CN
changed:      abuse@...-noc.net 20031027
mnt-by:       MAINT-CNCGROUP <http://www.apnic.net/apnic-bin/whois.pl?searchtext=MAINT-CNCGROUP&form_type=advanced>
source:       APNIC
*person*:       Wang Tiegang
_nic-hdl_:      WT92-AP
e-mail:       wtg@...l.jl.cn
address:      96,JieFang Road ChangChun 130021 China.
phone:        +86-431-8925217
fax-no:       +86-431-8925190
country:      CN
changed:      wtg@...l.jl.cn 20030117


mnt-by:       MAINT-CNCGROUP-JL <http://www.apnic.net/apnic-bin/whois.pl?searchtext=MAINT-CNCGROUP-JL&form_type=advanced>
source:       APNIC


----------------------
--Jon

jschmidt@...ler.com wrote:

>http://218.62.43.30/verify.html
>
>Signed up for paypal 2 weeks ago, and then this came in the mail as a link 
>in a paypal looking html email asking me to confirm by entering my credit 
>card/account info.
>I've only purchased 1 thing since signing up; it was from ebay from a 
>longtime seller with nearly 100% positive feedback, and I received the 
>equipment as expected.
>If this is a scam, then maybe paypal has some employees passing new 
>account info outside the company.
>
>-jamie-
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>  
>



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ