RSS

PayPal + Spamming+ Trojan= Clagger-H

John Stith
Staff Writer
2006-03-01

Insider Reports RSS Feed

It looks like someone else came up with another way to irritate PayPal customers. The email warns users that their PayPal account has been "temporarily limited" because of a Trojan horse spammed out. All users have to do is open the attached file and if there are any issues contact them

Sophos posted the email going out to unsuspecting folks as well as a full bulletin. Actually, it's pretty good and it's easy to see how an unsuspecting user might fall for it, particularly if the user wasn't suspicious of pretty much everything they get:

Subject: Notification: Your Account Temporally Limited

Message body:

Dear PayPal customer!

As part of our security measures, we regularly screen activity in the PayPal system. We recently contacted you after noticing an issue on your account.We requested information from you for the following reason:

We recently received a report of credit card use associated with this account. As a precaution, we have limited access to your PayPal account in order to protect against future unauthorized transactions.You can check your transaction details in attachment.

Case ID Number: RR-0922-014

If, after reviewing your transaction information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking "Contact Us".

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

Sincerely, PayPal Account Review Department

PayPal Email ID RR-0922

"This Trojan horse has been aggressively seeded by its creator, using spam technology, to distribute malicious code to as many vulnerable computers as possible, in the shortest amount of time," said Graham Cluley, senior technology consultant at Sophos. "However, a simple spelling mistake in the subject line should alert innocent recipients that this isn't a genuine message from PayPal. A real message from PayPal would never contain an attached executable file, and people should always think carefully before running unsolicited code on their computer."

"Many people coming into work on Monday morning may have found this email in their inbox," continued Cluley. "Anyone unfortunate enough to run this program is running the risk of allowing hackers to gain access to their computer to spy, steal and cause havoc."

As usual, people should be wary of any strange emails. As Cluley points out, real PayPal messages wouldn't contain executables. People should also make sure all their software is update properly.

Get all the updates - click this link:

Add to | DiggThis| Yahoo My Web

About the Author:
John is a staff writer for SecurityProNews covering cyber security.

More news_security_news Articles

Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Featured On:

article resources

WebProWorld.com

•	Get in-touch with industry experts and leaders
•	Post your site for review by expert and peers
•	Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com


Titan Quest Forum The #1 Titan Quest forum
Halo 3 Forum The best Halo, Halo 2, Halo 3 forum
Nintendo Wii Nintendo Wii news and views
Mac Software The best in OS X freeware
Graphics Forum Your source for graphic tutorials