If you use PayPal, be careful logging into your account. These reports have been coming in for a while and they bear a resemblence to the recent PayPal/Netcraft /redirect hack, which went unfixed for 2 whole years. Read the cc&p of the email below. I doubt paypal would use language like that. (Central Server Meltdown)
Also notice the original poster reports he/she is redirected there after sign-in, only to supply more info, like pin #s. Waiting to find out whether they accepted a security certificate warning pop-up, which has been reported on, and given the blessing of the pinks on sleazebays paypal board.
pygmy*rabbit (12 ) View Listings | Report Sep-25-06 21:46 PDT Hi. I logged into my PayPal account this morning and had no problem. Now when I log in I get moved to a page that to update my account, due to a central server meltdown all my information was lost. I am unsure about entering all that information they are requesting and plus the security certificate is different from what it was before. I haven't received an e-mail from PayPal stating that my account information was lost, but I guess if my account information was lost then they wouldn't have my e-mail address. Have any of you experienced this? Did you fill in the information? Hmmmm.... Thanks in advance! 4 replies Date posted Reply # dodgerbums (341 ) View Listings | Report Sep-25-06 21:52 PDT 1 of 4 I got the same message and there is no way Id enter that info!
We apologize for the inconvenience, but due to a central server meltdown your personal information was lost.
In order to enjoy your PayPal experience and keep your account active, you must submit your personal information.
We require some important information to verify your user account. Please enter the following information below to help us confirm your identity . Your Social Security Number will not be recorded in any way. It will be used only to validate your identity. As permitted by law and executive policy, Social Security Numbers (SSNs) may be used to verify a person's identity for a variety of purposes. Our system only uses your SSN once, and only once during this registration process. Your credit card will not be charged. We have taken these additional precautions to protect you from potential identity theft.
Online Profile
First Name* Last Name* Social Security Number* Mother's Maiden Name:*
colonyboy (642 ) View Listings | Report Sep-25-06 23:18 PDT 3 of 4 The language of the email isn't right.
Paypal members often meltdown, but not paypal servers.
You were not on a paypal site. I hope that no one entered any info
dodgerbums (341 ) View Listings | Report Sep-25-06 23:29 PDT 4 of 4 Not an email - redirects me there after I login to paypal main site or when I try to pay for an item I won via paypal. Is anyone else able to login to the paypal site without this coming up?
Thanks
-- Edited by anonymous at 02:04, 2006-09-26
__________________
CAPP Consumers Against PayPal Policies - Exposing the sleazery of sleazebay and painpal
It's an obvious scam. Anyone with brain activity knows that PayPal (nor any other legitimate business) would never ask for an ATM Pin number in an email. First, no one in their right mind would give it up. Second, no legitimate company would have a use for it.
Anyone who is stupid enough to fall for this should get off the internet - permanently.
BORED, buddy, good to see you again. Why do you think E-bay and Paypal allows things like this to continue?? They are at the top of the scam chain. Are they that unstable?, or they just don't care what happens to their customers! What do you think?
ps. come on over to our side, we have pirate stuff and all kinds of neat things!
It's an obvious scam. Anyone with brain activity knows that PayPal (nor any other legitimate business) would never ask for an ATM Pin number in an email. First, no one in their right mind would give it up. Second, no legitimate company would have a use for it.
Anyone who is stupid enough to fall for this should get off the internet - permanently.
Is that you, stampman?
The thing is, if folks get redirected AFTER signing in, it would not be odd for many to believe it is a legit, (in particular if the url prefix and lock icon on the phish page are also spoofed) especially for those who are not geeky or have little internet/ebay/paypal experience.
At first when I started reading these recent reports I thought PP was just doing some work or upgrading, but now I am not so sure.
I doubt the trouble is a compromised hosts file or a BHO either. If that were the case, you would likely go directly to the phish page, not the legit PayPal sign-in first.
It will be intertesting to see how this plays out. PayPal needs to be held accountable, for lack of responsible disclosure, past, present and future, IMO.
Some banks have more sophisiticated security set-ups, (and concern for their users,) why not PayPal?
__________________
CAPP Consumers Against PayPal Policies - Exposing the sleazery of sleazebay and painpal
You are RIGHT ANON! for you. Some of this is for sport (hi stampman), but alot is serious business. Thanks for bringing e-bay's dreadful record to light here. They are so bad on so many levels, it's hard to keep track!
Since the news services have been either too afraid to announce PayPal has been hacked, or worse they've been bought off to keep the story secret I think someone should take the ball and run with it.
Maybe a post on other boards giving the info that PayPal has been hacked are in order. You can state your case and ask for someone to prove that PayPal hasn't been hacked.
Do it now, warn the people before it's too late!!!
Knowing that PayPals site is held together with soft rubber bands and bubble gum and that parts of it have not ever worked properly or reliably aside, they are having a large number of other troubles. Look around.
Oh I'm sure PayPal would inform their users had it been hacked, went in 2 years or so...(and after a third party exposed the fact Bwa-hahahaha)
Yeah, PP is immune to hacking cracking and DoS attacks. There are no weekly hacking contests... No one has ever hacked it. I doubt PainPal could have pi$$ed off the wrong person or persons who would try anything like that.
__________________
CAPP Consumers Against PayPal Policies - Exposing the sleazery of sleazebay and painpal
Hmm, more and more and yet more problems with the PP site and system, widely reported and affecting many areas of operation. I wonder why?
Well it is a good thing the old cross scripting trick still works (you know that one that ebay has not fixed for Gaaaawd only knows how long. In fact, I believe ebay is called a Dangerous Site, and it is recommended that it be placed on IEs restricted list ----BWA-hahahahaha!!!)
but I digress...
It saves the trouble of having to hack the entire site. And it is soooooo easy too. All someone has to do is find one of the auctions, SCO offers, what have you, save it complete, do a bit of presto-chango to the script, list your listings, and BAM! Money from heaven!!!
So really stamptard, it does not matter (to the victim whether the entire PainPal/sleazebay system is hacked, or just one auction or email or SCO at a time.
The really funny part is , is that sleazebay and PainPal could stop all that in one fell swoop by disallowing ALL JS in the description. Or by only allowing text and graphics in a pre-made template. DUH!!! Too obvious.
They could also easily quash the phish mails and SCOs by simply NEVER having a clickable link in emails... Again, Too obvious.
They have the ability to make obsolete a huge amount of fraud and fraud potential (as we all know ebay/paypal users are the biggest targets on the www) why they do not... good question.
Kinda makes me wonder...
(remember, ignore the obvious.)
__________________
CAPP Consumers Against PayPal Policies - Exposing the sleazery of sleazebay and painpal
I didn't think there was anything to your report of PayPal possibly being hacked till I saw the CNN, AP, and Reuters articles today. Looks like you're right.
Really Bored wrote: I didn't think there was anything to your report of PayPal possibly being hacked till I saw the CNN, AP, and Reuters articles today. Looks like you're right.
Whoa!!! you won't believe how wasted I was when I wrote that. That was some good stuff. Just goes to show you that you can't believe everything you read on a message board.
Seriously though, wouldn't it have been funny if someone ran off thinking that CNN, AP, and Reuters really had articles yesterday about PayPal being hacked. Boy would they have looked foolish.
Bored, I know you want to be on our side. Especially now that they have enhanced the report button! Thank them for the antis. We can now specifically point to the infractions of our Liveworld hosts. Right there in Black and White! Odd that report button.! The only way the Live 5 could deflect the bad PP publicity, was to start inter-personal disputes to move the thread in a direction away from the PP hate posts. ( a near-mint plan) But now!!!! ah ah ah! that's not allowed! And the famous PRO ID LINKING manuver? no no no!
I was wondering one thing though. Since you pros know THIS board well enough to quote it constantly on the nazi board, do you all hang out here or is there one pro that lurks and then reports back to Lieworld?
No sweetie, The one that said" PAYPAL HACKED!! NO ONE"S ACCOUNT SAFE !! NOT EVEN YOURS!!"
It featured the "heads up" story Anon found for us. No one had a chance to respond to it. PayPal is hiding the fact that they are a perfect medium for money laundering, and Islamic fanatics. Didn't the FBI find out that e-bay helped the 9-11 terrorists? Bored, you better get away from those morons. Think of all the good you could do by exposing those traitors at PP.
We'll give you asylum. WE found a nice place for you with trees, and an outside recreation center, all fenced in for your protection.
Assembly Bill No. 700, chapter 1054, operative July 2003 would require a state agency or a business in California that owns computerized data (personal information) to disclose any breach of this information (unencrypted data) to any resident of California whose personal information was acquired by unauthorized access.
Who is affected by this bill: Any institution conducting business in California such as state or local agencies, financial/banking, healthcare or commercial businesses
Personal Information is defined as an individual's first name or initial plus:
* Social Security Number * Driver's license or Identification card number * Account number, credit card, debit card, and/or password access to an individual's banking account
The following data are most vulnerable for unauthorized access: Credit card transactions, magazine subscriptions, telephone numbers, real estate records, automobile registration, consumer surveys, credit reports
Notification to consumers should be disclosed immediately through:
* Written notice or electronic notice * Posting on the web page of the business * Announcement to a major statewide media
-- Edited by anonymous at 16:20, 2006-10-10
__________________
CAPP Consumers Against PayPal Policies - Exposing the sleazery of sleazebay and painpal
ooops, I may have been wrong. This may be professor starburnt. Wasn't that the one that always rang in with some legal mumbo-jumbo that had absolutely nothing to do with the topic at hand? (and was not bright enough to comprehend it anyway?)
Is that the same one with the "posting stutters", like the gears of thought are getting stuck one after another? (go look, it is truly hilarious)
What is the word or phrase for "ignorant misguided dorky burnt-out poindexter jerkwad trekky loser" in the official cling-on dictionary?
__________________
CAPP Consumers Against PayPal Policies - Exposing the sleazery of sleazebay and painpal