Beware of Fake PayPal E-Mail Message Installs Worm
This time a new fake PayPal email message is spreading as spam across the web. It differs from previous spam mail in that it asks users to open a zipped file attached to the message; the file is actually a worm that infects the recipient's computer upon execution. The message explains that
your PayPal accounts were hacked, and that some fraudulent activity may have occurred. As part of security measures, "PayPal" is asking users to review the "report" in the .ZIP file and then contact the company if anything unusual is discovered.
When a user opens the zipped document, it contains a malicious executable file, WORM_POISON.LA. It is a worm detected by Trend Micro, whose Smart Protection Network is a cloud-client security infrastructure designed to protect users from web threats. This malicious executable has routines that are related to the (now infamous) peer-to-peer file-sharing application.

WORM_POISON.LA propagates via peer-to-peer networks. It is malware designed to propagate and spread across networks. Worms are known to propagate using one or several transmission vectors such as email, IRC, network shares, instant messengers (IM), and peer-to-peer (P2P) networks. Worms do not infect files, but may carry one or more payloads, such as computer security compromise and information theft.
Here are a few useful steps for recognizing fake PayPal emails. You MUST read them.
- Generic greetings: Many spoof emails begin with a general greeting, such as "Dear PayPal member." If you do not see your first and last name, be suspicious and do not click on any links or buttons.
- A false sense of urgency: Many spoof emails try to deceive you with the threat that your account is in jeopardy if you don't update it ASAP. They may also state that an unauthorized transaction has recently occurred on your account.
- Fake links: Always check where a link is going before you click. Move your mouse over it and look at the URL in your browser or email status bar. A fraudulent link is dangerous. If you click on one, it could direct you to a spoof website that tries to collect your personal data, or install spyware on your system. Spyware is an application that can enable a hacker to monitor your actions and steal any passwords or credit card numbers you type online.
- Emails that appear to be websites: Some emails will look like a website in order to get you to enter personal information. PayPal never asks for personal information in an email.
- Even if a URL contains the word "PayPal," it may not be a PayPal site. Examples of fake URLs: www.paypa1.com, www.secure-paypal.com, www.paypalnet.com, www.paypalsecure.com
- Always log in to PayPal by opening a new web browser and typing in the following: https://www.paypal.com/
- Never log in to PayPal from a link in an email message.
- Unsafe sites: The term "https" should always precede any website address where you enter personal information. The "s" stands for secure. If you don't see "https," you're not in a secure web session.
- Avoid pop-up boxes: PayPal will never use a pop-up box in an email, as pop-ups are not secure.
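The link checks in the list above (look at where a link really goes, and do not trust a URL just because it contains the word "PayPal") can be automated for an HTML message body. This is an added example, not part of the original post; the function names, the character-swap table and the sample message body are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "paypal.com"  # domain of the login URL the article gives
# Assumed character swaps seen in lookalike hosts such as paypa1.com
SWAPS = str.maketrans({"1": "l", "i": "l", "4": "a"})

def host_of(url):
    """Lowercase hostname of a URL; tolerates a missing scheme."""
    parts = urlsplit(url if "://" in url else "//" + url)
    return (parts.hostname or "").rstrip(".").lower()

def classify(url):
    """'trusted', 'lookalike' (brand name on a foreign host) or 'other'."""
    host = host_of(url)
    if host == TRUSTED or host.endswith("." + TRUSTED):
        return "trusted"
    folded = host.translate(SWAPS).replace("-", "")
    return "lookalike" if "paypal" in folded else "other"

class LinkAudit(HTMLParser):
    """Collects (visible text, href) for every <a> in an HTML e-mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def audit(html):
    """Per link: (href, verdict, True if the URL shown as text points elsewhere)."""
    parser = LinkAudit()
    parser.feed(html)
    rows = []
    for text, href in parser.links:
        shown = host_of(text) if text.lower().startswith(("http", "www.")) else ""
        rows.append((href, classify(href), bool(shown) and shown != host_of(href)))
    return rows

# Constructed sample body, modelled on the spoof traits listed above
SAMPLE = ('<p>Dear PayPal member,</p><a href="http://www.secure-paypal.com/login">'
          'https://www.paypal.com/</a> <a href="https://www.paypal.com/">Log in</a>')
```

Calling `audit(SAMPLE)` flags the first link as a lookalike whose visible text shows a different host than its real destination, while the second link is classified as trusted.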
Source: PayPal Spam Warns of Fraud, Installs Worm Instead



May 28th, 2009 at 6:04 AM
Hi, good post. I have been wondering about this issue, so thanks for posting. I’ll definitely be coming back to your site.
June 4th, 2009 at 5:07 PM
Hi, good post. I have been wondering about this issue, so thanks for posting.
June 11th, 2009 at 11:10 AM
You made some good points there. I did a search on the topic and found most people will agree with your blog.
September 24th, 2009 at 5:55 PM
Thank you.