Phishing PayPal email in my Gmail account
I got a phishing spam PayPal email that mimics the address services.paypal.com in my Gmail account, with title “Notification of Limited Account Access,” and a url that asks me to verify my paypal account but pointing to http://www.soios.com/matiz/varios/www.paypal.com/ssl/, which is not paypal’s website. It’s actually from servidor01.mimela.com, not paypal’s server. Here’s part of the heading of the email from the original message, which can be seen in GMail by clicking the arrow next to the reply button and then click “Show original.”
Received: from servidor01.mimela.com ([64.22.85.7])
by mx.google.com with ESMTP id 26si58691192wrl.2006.12.03.18.12.08;
Sun, 03 Dec 2006 18:12:08 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning services@paypal.com does not designate 64.22.85.7 as permitted sender)
Received: from soios by servidor01.mimela.com with local (Exim 4.52)
id 1Gr3KQ-000599-7W
for myemail@gmail.com; Mon, 04 Dec 2006 03:13:10 +0100
Content-Type: text/html; charset=”iso-8859-1″
…………
Message-Id:
Date: Mon, 04 Dec 2006 03:13:10 +0100
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - servidor01.mimela.com
X-AntiAbuse: Original Domain - gmail.com
X-AntiAbuse: Originator/Caller UID/GID - [32705 32706] / [47 12]
X-AntiAbuse: Sender Address Domain - paypal.com
X-Source:
X-Source-Args:
X-Source-Dir:
Here’s the picture of the email (click for original size):
Url-xp.com is a scam
One day in a forum I saw a website http://www.url-xp.com/ that “pays” $2.00 per 1000 impression + Pop-under, so I gave it a try to see if it works. I went to sign up there and I saw a very simple page where you can put the paypal email address or e-gold account there, but surprisingly there’s no Term of Use or anything like that there.
After signing up I put a website there and I tested the money link that “pays” $2 per 1000 impressions. Surprisingly it counts all visits including my own repeated visits, I wasn’t sure if it really pays because those websites that pays per impression almost always doesn’t count the visits from the same IP immediately, so I refreshed the money link 1015 times, and it showed about $2 there.
After three weeks I still didn’t get anything in my paypal, I check it again and the website still shows the two dollars there, except now it says minimum payout is $50. After seeing that I gave it one more try and added one more url to auto-refresh. I auto-refreshed every 3 seconds for one whole night until I wake up and see the balance went up above $50, after this the page still looks the same as before except for the balance. I checked it out after some weeks and it’s still the same, I still didn’t get anything paid for it. Now I check it again and the website is gone! I went to look at its domain registration data at GoDaddy.com and it says domain suspended because of abuse: http://who.godaddy.com/whois.aspx?domain=URL-XP.COM&prog_id=godaddy.
here’s the picture of the $50.153 they owe me, it seemed to be gotten effortlessly, but it’s never paid:
-
Recommended Services:
-
Others:
