작성일자
카테고리 자유로운글

페이팔을 자주 이용하다보니 피싱이 있네요. 의심스러운 경우 신고하는 방법을 알아보겠습니다.


===============================================================================================


7/13/2014 11:31:08

Dear martian36@naver.com,


PayPal protects your card against unauthorized use when shopping online.

You've bo ught a top-up voucher from digicallingcards (contacts@digicallingcards.com)
It may take a few moments for this tra nsaction to appear in your account.

If you have not authorized this charge, log in as soon as possible to cancel the payment!

https://www.paypal.com/ie/webapps/mpp/home

When the payment will be canceled you will get a full refund.

PayPal Secure Payments 


================================================================================================


위와 같은 이메일을 받았습니다. 누군가 나의 계정을 이용해 온라인 쇼핑을 하려고 하는데 본인이 한 것이 아니면 당장 취소하라는군요. 그래서 log in 링크를 클릭하니 다음과 같은 화면이 나왔습니다.



주소창을 보니 정말 어이없는 URL입니다. 꼭 확인해야 합니다. 그림만 보고 이메일과 비밀번호를 입력하고 로그인하면 바로 사기꾼에게 정보가 가게 됩니다.



신고하기 위해 계정 화면에서 Security Center를 클릭했습니다.



좌측 사이드바에서 Report (phishing) email을 클릭했습니다.



spoof@paypal.com으로 해당 이메일을 포워딩 하라고 합니다.



네이버의 경우 해당 이메일에서 전달을 클릭하고 신고 내용을 입력하고 보냅니다.


바로 답장이 왔습니다.


==============================================================================================


Dear martian,
Thank you for being a proactive contributor by reporting 
suspicious-looking emails to PayPal's Abuse Department. Our security 
team is working to identify if the email you forwarded to us is a 
malicious email.
Paypal Will Always:
- Address our customers by their first and last name or business name of
their PayPal account
Paypal Will Never:
- Send an email to: "Undisclosed Recipients" or more than one email 
address
- Ask you to download a form or file to resolve an issue
- Ask in an email to verify an account using Personal Information such 
as Name, Date of Birth, Driver's License, or Address
- Ask in an email to verify an account using Bank Account Information 
such as Bank Name, Routing Number, or Bank Account PIN Number
- Ask in an email to verify an account using Credit Card Information 
such as Credit Card Number or Type, Expiration Date, ATM PIN Number, or 
CVV2 Security Code
- Ask for your full credit card number without displaying the type of 
card and the last two digits
- Ask you for your full bank account number without displaying your bank
name, type of account (Checking/Savings) and the last two digits
- Ask you for your security question answers without displaying each 
security question you created
- Ask you to ship an item, pay a shipping fee, send a Western Union 
Money Transfer, or provide a tracking number before the payment received
is available in your transaction history
READ!
Any time you receive an email about changes to your PayPal account, the 
safest way to confirm the email's validity is to log in to your PayPal 
account where any of the activity reported in the email will be 
available to view. DO NOT USE THE LINKS IN THE EMAIL RECEIVED TO VISIT 
THE PAYPAL WEBSITE. Instead, enter www.paypal.com into your browser to 
log in to your account.
What is a phishing email?
You may have received an email falsely claiming to be from PayPal or 
another known entity. This is called "phishing" because the sender is 
"fishing" for your personal data. The goal is to trick you into clicking
through to a fake or "spoofed" website, or into calling a bogus customer
service number where they can collect and steal your sensitive personal 
or financial information.
We will carefully review the content reported to us to certify that the 
content is legitimate. We will contact you if we need any additional 
information for investigating the matter. Please take note to the 
security tips provided above as they may help to answer any questions 
that you may have about the email you are reporting to us.
Help! I responded to a phishing email!
If you have responded to a phishing email and provided any personal 
information, or if you think someone has used your account without 
permission, you should immediately change your password and security 
questions.
You should also report it to PayPal immediately and we'll help protect 
you as much as possible.
1. Open a new browser and type in www.paypal.com.
2. Log in to your PayPal account.
3. Click "Security and Protection" near the top of the page.
4. Click "Identify a problem."
5. Click "I think someone may be using my account without permission." 
6. Click "Unauthorized Account Activity."
Thank you for your help making a difference.
Every email counts. By forwarding a suspicious-looking email to 
spoof@paypal.com, you have helped keep yourself and others safe from 
identity theft.
Thanks, 
The PayPal Team
***********************************************************************
Please do not reply to this email. If you need to follow up, please 
follow the steps above to access your account and utilize the Contact Us
resources from our site.
***********************************************************************


===========================================================================================


자동 답장인데 주 내용은 페이팔에서는 어떤 요구를 하지 않는다는 것입니다.


곧 이어서 확인 답장이 왔습니다.


===========================================================================================


Hello martian,
Thanks for forwarding that suspicious-looking email. You're right - it 
was a phishing attempt, and we're working on stopping the fraud. By 
reporting the problem, you've made a difference!
Identity thieves try to trick you into revealing your password or other 
personal information through phishing emails and fake websites. To learn
more about online safety, click "Security Center" on any PayPal webpage.
Every email counts. When you forward suspicious-looking emails to 
spoof@paypal.com, you help keep yourself and others safe from identity 
theft.
Your account security is very important to us, so we appreciate your 
extra effort.
Thanks,
PayPal
This email is sent to you by the contracting entity to your User 
Agreement, either PayPal Ince, PayPal Pte. Ltd or PayPal (Europe) S.à 
r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:
5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118 
349.


=============================================================================================


사기성 피싱 이메일이 맞다고 합니다. 


영어에 약하신 분들은 꼭 확인하세요. 급하게 뭔가를 하면 당합니다.



저작자 표시 비영리 변경 금지
신고
jimoniko2048

잘보고 갑니다. 전자용품 구입시 다나와 추천하고 갑니다.

이인재

Wow 낚시는 끝이 없네요 ㅋㅋㅋ
유용한 내용 감사합니다

매력오리

이야.... 이거 진짜 영어 제대로 안 읽어보고 급하게 하다가는 바로 비번 전송되겠네요 ㅜㅜ 페이팔이 이멜주소와 비번만으로 쉽게 결제가 되어버리니 악용하기 쉬울 것 같네요 ㅜ

돌돌

헐.. 좋은 정보 감사합니다;ㅅ; 영어로 저런 메일이 오면 진짜 당하기 쉬울 것 같네요ㅜㅜ

티스토리 툴바