New Starbucks Paypal Phish - “You Have Pending Payment to Starbucks” 8/2/2006 - 2,452 views, 9 Comments
|
Previous Article « Name that Zune: Microsoft Prepares to Launch Zune MP3 Player and iZune Style Music Store Called Urge
Read Next Article » Amazon Patents Basic Arithmetic
A brand new phishing attempt cleverly invokes both PayPal and Starbucks, almost certainly assuring that the recipients will have used at least one of the services mentioned, and making the phishing attempt more believable. The phishing spam starts out by saying “This email confirms that you have a pending payment to Starbucks (sales@starbucks.com) $119.88 USD using PayPal. This credit card transaction will appear on your bill as “PAYPAL *StarbucksStore”.” Here is the full text of the phishspam: “Get Verified Get Verified and help increase the security of your PayPal transactions for yourself and for everyone with whom you do business. You can also: Protect Your Account Info To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal URL to be sure you are on the real PayPal website.https:://www.paypal.com/us/) to be sure you are on the real PayPal site. PayPal will never ask you to enter your password in an email. For more information on protecting yourself from fraud, please review our Security Tips at . https://www.paypal.com/us/securitytips/ Protect Your Password Dear Customer, This email confirms that you have a pending payment to Starbucks (sales@starbucks.com) $119.88 USD using PayPal. This credit card transaction will appear on your bill as “PAYPAL *StarbucksStore”. Payment Details Transaction ID: 6BU26546N1998200E
Business Information Business: StarbucksStore If you have questions about the shipping and tracking of your purchased item or service, please contact StarbucksStore at sales@sturbucksstore.com. Get Verified _ Your Key to More Security and Free Features Get Verified and help increase the security of your PayPal transactions for yourself and for everyone with whom you do business. You can also: Fund purchases directly from your checking or savings account, in addition to using credit cards Thank you for using PayPal! Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and choose the Help link located in the top right corner of any PayPal page. To receive email notifications in plain text instead of HTML, update your preferences here. PayPal Email ID PP120″ And look how real it looks, with its rip-off of the PayPal logo, look and feel: Of course, all the links which appear to go to PayPal really go to a newly registered site called qunxy.com. Don’t go there! This is a really new one folks; qunxy.com was only registered today (August 2nd). Anybody elsle get this newly-minted phish yet?
Get Verified–Your Key to More Security and Free Features
Fund purchases directly from your checking or savings account, in addition to using credit cards
Improve your reputation by letting others know you’re a confirmed, Verified member of the PayPal community
Send money to friends, family, and PayPal Personal Account holders
Accept Payment
Make sure you never provide your password to fraudulent websites.
You should never give your PayPal password to anyone, including PayPal employees.
Sales Tax: $12.22 USD
Total: $119.88 USD
Item/Product Name: House Blend Coffee, 1-lb.
Contact E-Mail: info@starbucks.com
Improve your reputation by letting others know you’re a confirmed, Verified member of the PayPal community
If you do not wish to proceed with the payment please click on “Deny Payment” link under and follow the instructions
Deny Payment
The PayPal Team
|
|
Email the link for this page to a friend! |
Read more:
» Starbucks Goes iTunes - Do You Hear Music?
» Free Ice Cream at Starbucks Today!
» Starbucks Retracts Free Iced Coffee Email After Offer Spread Across Internet
For additional similar stories check out our archives on Paypal, Phishing
If you think that’s bad, try this:
My wife and I are editors for a yearbook publishing firm in the Mid-West. One night I saw an ad in a page for “The Fifth Third Bank” and thought it was curious enough to go to the site to see what/who would use such a name.
When I got home I Googled the name and - sure enough, there was such a bank in that city.
That was several months ago.
Today, after reading your article on Phishing and Starbucks/PayPal, I continued on through my incoming (I use Juno’s POP-3).
Along with at least 7 cases of an offer for a mortgage - all the same and all very poorly written - came a Phishing expedition from, … The Fifth Third Bank!
I don’t know what all the fuss is about “Big Brother” looking over our shoulders; somebody is able to find even the most casual visitor to a site - or even an accidental visitor - and harvest their location(s) for use later.
Most scarry!
I have saved the missive in case you want to see a copy.
Comment by Ted Bruner — 8/2/2006 @ 6:50 am
$119.88 for a pound of House Blend? Yeesh…
Comment by Tom — 8/2/2006 @ 8:39 am
When you get this type of email forward a copy to: spoof@paypal.com. They will email you back and let you know if it was a legit message from them. Also they say they forward fakes to the proper authorities.
Use spoof@ebay.com for ebay phishing spams.
Comment by Jim — 8/2/2006 @ 1:33 pm
One other place you can report phishing attempts to is: http://www.castlecops.com/pirt
I’m with a major developer of banking software, and I’m even being sent these banking phishing attempts to my work email address - so they’ll send to anyone! Fifth Third Bank are clients - so I know they are a legitimate bank!
Comment by Chris — 8/2/2006 @ 11:47 pm
I also got this phish today 8/4/2006. Immediately forwarded it to spoof@paypal.com and was confirmed by them to be a hoax. Since the spam filter on verizon.net caught it a huge red flag was raised to me.
Comment by Frank Bame — 8/4/2006 @ 4:55 pm
I am getting these Fifth Third phishing attempts at least twice a day, and they have been going on for at least a month now. I am very disappointed Fifth Third has given my email address to these phishers. I would advise to change banks.I have accounts with 3 other banks and have no problems. Fifth Third has been very unresponsive to my concerns.
Comment by David — 9/14/2006 @ 9:02 pm
David, it is very unlikely that those e-mails have anything to do with Fifth Third bank. I’ve gotten phishing e-mails from banks where I don’t have an account. The idea behind phishing is to drop enough bait so that someone bites.
Comment by Tom — 9/15/2006 @ 9:56 pm
I received the Starbucks and PayPal phish but with a new twist. It said “This email is to confirm that you have a pending payment to StarBucks (sales@starbucks.com)$149.98 USD using your PayPal account.”
When I contacted the real PayPal, I was informed that the way to tell the difference between the fraudulent one is that they will always say “Dear customer,” and the legitimate one will say “Dear (your name)”. Easy way to tell the difference.
Comment by Mildred — 10/25/2006 @ 4:44 pm
I got one today. Instead of starbucks, it was a charge for gsmarena.com in the amount of $584.99. It will show up as *paypal gsmarena.com*. The “TO DISPUTE” link goes to http://onebabystop.com/images/update/cgi-bin/webscrcmd_login.php. Weird stuff. It came in on my private email. Not my yahoo address. Something is up!
Comment by Greg — 4/6/2007 @ 10:56 am