At 08:56 AM -0400 09/30/2005, Steven Wood wrote:
> A couple of things on PayPal:
> 1. Another way to distinguish a phish is that a truly secure site like PayPal displays a URL beginning with https in your browser; the "s" is for secure. If it is not there, you can be sure it's a fake; if it is there, well, I still wonder if some clever crook has gotten around that, too.

In the ole'days, the certificates required to do SSL cost a lot - $5,000 to $50,000 per year. But these days, they can be had for $100/year or so. Most phishers aren't running their own web servers, but as it becomes more profitable I'm sure they will!

Another problem is that many sites are secure, but don't use https URLs. They use a normal page, then pass the username and password to their server using SSL. Since that's happening within the form submission, you don't see the "https" even tho it's really there. They do this because running whole sessions under SSL is expensive.

So checking for "https" is simply no longer useful.

What is useful?

1.  As you said:  NEVER use those links sent to you via email.

2. Check the *topmost* Received header. This header is added to the message by YOUR (trusted) local mail server. It indicates what server actually handed the email to it!

A *real* eBay email will look something like this:

  Received: from mx21.smf.ebay.com (mxsmfpool11.ebay.com [66.135.209.208])
          by sccrmxc21.comcast.net (sccrmxc21) with ESMTP
          id <20050904183339s21001uiq0e>; Sun, 4 Sep 2005 18:33:39 +0000

Note that 66.135.209.208 is an IP address that actually *belongs* to eBay!

  208.209.135.66.in-addr.arpa  PTR  3600  mxsmfpool11.ebay.com

Paypal.com and Half.com are set up the same way.

Here's a spoof:

  Received: from aputeaux-153-1-55-56.w82-124.abo.wanadoo.fr ([82.124.177.56])
          by sccrmxc22.comcast.net (sccrmxc22) with SMTP
          id <20050915205349s22001pufve>; Thu, 15 Sep 2005 20:54:22 +0000

That came from wanadoo.fr, a French ISP, NOT eBay!


The above check will screen out 100% of all eBay/Paypal/Half phishes.


And finally, for those companies too stupid to set up their mail servers properly...

3. View the mail in its raw form and look at the actual URL you're going to click on. It won't be pointing to the right site.



> 2. Mr. Osburn said, "But the fact remains that I'm *NOT* a business...and the expectation (demand?) that a private party should act like one and take credit cards seems presumptuous, to say the least."
>
> Actually, if you are buying and selling, you ARE a business and you DO need to act like one, just like flea market sellers should. I'm a tax professional and I assure you the IRS considers you a business on that basis alone. Once they find you, if you are making a profit they will want not only income tax, but self-employment taxes--another 7.65% for Social Security and Medicare. If your state is one of the 41 with an income tax, the IRS will notify them and they will demand their cut as well.

Blew my mind when the IRS auditor plopped a complete hardcopy of my eBay transactions onto the table! Luckily, for that year, it was mostly cost recovery stuff. So the guy let me slide.

...Tells you something about Big Brother. eBay doesn't maintain their completed auction database for too long - just too much data. And the listing the auditor showed me was more in-depth than the standard monthly eBay invoice. So either eBay maintains more, and the IRS has access to it. Or the IRS is spidering!

- Dan.

--
G-List list info:       <http://lowendmac.com/lists/g-list.shtml>
Archive: <http://www.mail-archive.com/g-list%40mail.maclaunch.com/>
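
The topmost-Received check from point 2 of the message above, as an added example that is not part of the original e-mail. It assumes the Received layout shown in the message (other mail servers format the header differently), takes the reverse-DNS name from the header instead of doing a live lookup, and uses hypothetical function names.

```python
import re
from email import message_from_string

# Format shown in the post: "from HELO (RDNS [IP])", or "from HELO ([IP])" with no PTR name.
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>[^\s\[\]]+)\s+)?\[(?P<ip>[0-9A-Fa-f.:]+)\]\)")

def topmost_received(raw_message):
    """Fields of the first Received header, the one stamped by the local mail server."""
    headers = message_from_string(raw_message).get_all("Received") or []
    if not headers:
        return None
    match = RECEIVED_RE.search(" ".join(headers[0].split()))  # unfold continuation lines
    return match.groupdict() if match else None

def handed_over_by(raw_message, expected_domains):
    """True only if the recorded reverse-DNS name of the connecting host is in an
    expected domain. The HELO name is sender-supplied and is ignored."""
    hop = topmost_received(raw_message)
    if not hop or not hop["rdns"]:
        return False
    name = hop["rdns"].lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in expected_domains)

# Constructed samples: the topmost Received headers are the two from the post;
# addresses, subjects and the lower (forged) Received header are made up.
REAL = """Received: from mx21.smf.ebay.com (mxsmfpool11.ebay.com [66.135.209.208])
          by sccrmxc21.comcast.net (sccrmxc21) with ESMTP
          id <20050904183339s21001uiq0e>; Sun, 4 Sep 2005 18:33:39 +0000
From: eBay <member@example.invalid>
Subject: constructed sample

body
"""
SPOOF = """Received: from aputeaux-153-1-55-56.w82-124.abo.wanadoo.fr ([82.124.177.56])
          by sccrmxc22.comcast.net (sccrmxc22) with SMTP
          id <20050915205349s22001pufve>; Thu, 15 Sep 2005 20:54:22 +0000
Received: from mx21.smf.ebay.com (mxsmfpool11.ebay.com [66.135.209.208])
          by relay.example.invalid with SMTP; Thu, 15 Sep 2005 20:50:00 +0000
From: eBay <member@example.invalid>
Subject: constructed sample

body
"""

if __name__ == "__main__":
    for label, raw in (("real", REAL), ("spoof", SPOOF)):
        print(label, topmost_received(raw), handed_over_by(raw, ["ebay.com"]))
```

Only the first Received header is consulted because every header below it arrives with the message and can be written by the sender. A PTR name is set by whoever controls the IP block, so confirming that the name resolves back to the same address is a stronger version of this check.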
