mailing list archives
Re: Possible PayPal security problem
From: "zelyah zub" <zelyahzub () gmail com>
Date: Thu, 20 Dec 2007 10:12:51 +0000
On Dec 19, 2007 9:49 PM, Fabio Fagundes <fabio.fagundes () gmail com> wrote:
nslookup paypal.com :
Reverse resolution seems to be fine too... 1st & 2nd resolve to
www.paypal.com and the 3rd & 4th to
That sounds like the most probable solution. I do not believe that
Paypal, being a target for attacks many times in the past, would ever
ask you to "verify your identity" by entering your credit card
There are many banking Trojans that try to insert themselves as
Layered Service Providers, intercept the traffic and inject HTML into
pages and then send sensitive data to the malware writers. Since you
had the same behaviour with Firefox and IE it is not a usual BHO
(browser helper object) attack.
I would suspect that the email is also fake (you should try looking at
the raw source of the email and try to find the originator of the
message, although that can be spoofed as well).
Finally it is probably best to report this potential attack yourself.
But before you do this I would download a bootable Linux distribution
such as Knoppix and submit the query after booting from it, to make
sure that the malware is not actively running in memory.
Oh, don't forget to use up-to-date anti-virus software, although that
is not a guarantee that the malware will be detected and removed.
Ultimately (and I hate saying this), backup all your data (and just
data) and re-install the system from scratch.
Re: Possible paypal security problem Shreyas Zare (Dec 19)
Re: Possible paypal security problem jam (Dec 19)
Re: Re: Possible paypal security problem jegreen3 (Dec 19)
RE: Possible PayPal security problem jfvanmeter (Dec 20)
RE: Possible PayPal security problem Jay (Dec 20)