hundreds of paypal user names/emails



jakeroberts
06-09-2007, 09:28 PM
Hello, I got an email from PayPal about my account today. Instead of the message they were trying to send, I got a document with 2 or 3 pages of emails/usernames. I have attempted to contact them but they have not responded. This seems to me like a pretty serious security issue and I want to make people aware of it. What should I do?

BIG D 04
06-09-2007, 09:35 PM
Blackmail them and get some Money out of it.

No, personally I wouldn't give it to the company, I'd report it to the Information Commissioner (or equivalent body, depending on where you live) to ensure it's taken seriously and not covered up.

This ineffective security by companies has gone too far. Then, to reinforce the idea, I'd also pass the information on to spammers.

I can smell the Legal Action, already.

bobtomay
06-09-2007, 10:14 PM
My guess is that what you received was not from Paypal at all, but from a spammer trying to entice people to come and verify their user name and password. The document you got was more than likely a mistake made by the spammer in the attachment he put into the e-mail.

I would notify PayPal directly - not through that e-mail - and let them know what you received. PayPal has been doing much to try and combat this type of prolific spam aimed at its users. I get on average 2 of these a week at my workplace e-mail even through the filters in place.

jakeroberts
06-09-2007, 10:46 PM
Hello, I tried to post it here but there are too many characters, 36000 or so. The email did not ask for any of my personal info; all that was in it was the user names and/or emails.

jakeroberts
06-10-2007, 09:44 AM
1539 addresses in all

bobtomay
06-10-2007, 10:03 AM
Still, I think this is a stupid spammer's mistake and would contact PayPal. At least they could verify whether these are genuine accounts and info or not and take appropriate action.

There's really not much else you can do besides delete and forget it.

PapaNoHair
06-10-2007, 10:20 AM
Still, I think this is a stupid spammer's mistake and would contact PayPal. At least they could verify whether these are genuine accounts and info or not and take appropriate action.

There's really not much else you can do besides delete and forget it.

I, for one, would like to know the outcome of this (I use PayPal a lot). Would be interested in knowing if, in fact, this is a legitimate list or not.

jakeroberts
06-10-2007, 10:22 AM
I will let you know how it comes out.

jakeroberts
06-10-2007, 10:31 AM
Bingo!!--it is a scam. The tipoff is this line:

Received: from server1.ddf.com.br ([67.15.60.8])

Here is the result of a whois search:

mherring@1[grub]$ whois server1.ddf.com.br

% Copyright (c) Nic.br
% The use of the data below is only permitted as described in
% full by the terms of use (http://registro.br/termo/en.html),
% being prohibited its distribution, comercialization or
% reproduction, in particular, to use it for advertising or
% any similar purpose.
% 2007-06-10 10:55:39 (BRT -03:00)

% Query rate limit exceeded. Reduced information.
% Use https://registro.br/cgi-bin/avail/ for domain availability.

domain: ddf.com.br
owner: Daniel de Melo Franqueira ME (682010)

% Security and mail abuse issues should also be addressed to
% cert.br, http://www.cert.br/, respectivelly to cert@cert.br
% and mail-abuse@cert.br
%
% whois.registro.br accepts only direct match queries. Types
% of queries are: domain (.br), ticket, provider, ID, CIDR
% block, IP and ASN.

Going to registro.br confirms that they are in fact in Brazil.

I would definitely pass this on to PayPal (use an address for them that you know to be good).
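Added example, not part of the original thread: a Python check that automates the Received-line comparison made in the post above, using only the hop stamped by the recipient's own mail server. Apart from the `from server1.ddf.com.br ([67.15.60.8])` fragment, every header, hostname and id in the sample is constructed, and `mx.recipient.example` is an assumed name for the recipient's server.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: only "from server1.ddf.com.br ([67.15.60.8])" comes from
# the thread. The second Received line imitates a forged, sender-supplied hop.
SAMPLE = """\
Received: from server1.ddf.com.br ([67.15.60.8])
\tby mx.recipient.example with ESMTP id CONSTRUCTED1
Received: from mail.paypal.com (unknown [10.0.0.5])
\tby server1.ddf.com.br with SMTP id CONSTRUCTED2
From: "PayPal" <service@paypal.com>
Subject: Your account

body
"""

HOP = re.compile(r"from\s+(?P<helo>\S+)\s+\((?P<info>[^)]*)\)"
                 r"(?:.*?\bby\s+(?P<by>\S+))?", re.S | re.I)
IP = re.compile(r"\[([0-9A-Fa-f.:]+)\]")

def received_hops(raw):
    """Return the Received hops, newest first, as dicts (helo, ip, by)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m:
            continue
        ip = IP.search(m.group("info"))
        hops.append({"helo": m.group("helo").lower(),
                     "ip": ip.group(1) if ip else None,
                     "by": (m.group("by") or "").lower().rstrip(";")})
    return hops

def check_origin(raw, trusted_mx):
    """Compare the relay recorded by our own MX with the From: domain."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Only the hop stamped by our own server is trustworthy; older Received
    # lines are written by the sending side and can say anything.
    hop = next((h for h in received_hops(raw) if h["by"] == trusted_mx), None)
    if hop is None:
        return {"verdict": "unknown", "from_domain": from_domain}
    helo = hop["helo"]
    ok = helo == from_domain or helo.endswith("." + from_domain)
    return {"verdict": "consistent" if ok else "mismatch",
            "from_domain": from_domain, "relay": helo, "ip": hop["ip"]}
```

A `mismatch` is a signal to investigate rather than proof, since legitimate senders also use third-party relays, and `consistent` only means the announced hostname fits, because that name is chosen by the sending host.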

MacHeadCase
06-10-2007, 10:38 AM
Hah! It made no sense and now you do have proof! Cool! If ever I need a detective, I'm gonna hire you and Browny fer sure! :D

knightlie
06-10-2007, 03:27 PM
You should be able to email it to spoof@paypal.com. That's where I send all the phishing emails I get. And I wouldn't post it here, whether you can or not. The owners of the addresses won't thank you for placing their emails on the web for all to see.

PapaNoHair
06-10-2007, 07:29 PM
I agree with MHC - going to add you to my "detectives" list. Wow - great job! It is also a relief to know someone did not crack the real list. Great job jakeroberts!!! :D