David Fletcher wrote: > I set up an email box specifically for use with this email list just a few > days ago. > > I submitted some work to the list on Friday that I've not yet had a response > to, but what puzzles me is that today I had a genuine email from paypal to > the normal address that I set up for use with ebay and paypal, asking me to > update my credit card details because it was about to expire. > > Also today to the address I set up for this list only, I received two > fraudulent emails, claiming to be from paypal and Barclays, both also saying > that my card details were about to expire, and both having http links in the > email pointing to a server at 202.134.78.92. > > Has anybody else had any emails like this? I have not used this address > anywhere but with the Documentation list. > > Dave Fletcher > > The arrival of the fraudulent emails and the legitimate email in the same day are purely coincidence. That kind of spoofed message is very common, and you can always safely discard them. As a precautionary measure, I generally recommend that people never use links from emails to visit ecommerce sites. In many clients, especially web-based ones, you cannot rely upon any part of the link details (in the status bar or elsewhere) to be accurate, as there are tricks to disguise the actual destination. If you have even an inkling that the message is fraudulent, you shouldn't even open it. It will never cause you a problem if you miss a legitimate email from eBay or PayPal, so you don't need to worry about missing a potentially legitimate one. You can always manually point your web browser to their respective sites to check in on your account if you feel the need. There are many, many ways that email harvesters can collect your addresses. It is likely that one of your past messages hit a public archive and the harvesters picked up the email from there. As far as the content of the message, this is also likely a coincidence, as that rouse is one of the more common techniques. I would only be concerned if the emails displayed some part of your actual card number. Think of it this way: if they already have your information, they don't need to trick you into giving it to them. ;-) If you have any other questions regarding online security or email fraud, let me know. -- Patrick "The N-Man" Barnes nman64@xxxxxxxxx http://www.n-man.com/ -- Have I been helpful? Rate my assistance! http://rate.affero.net/nman64/
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-docs-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-docs-list
