Tuesday 31 January 2017

Responding to a PayPal Phishing Attempt

Because I'm not a complete idiot, only a cocky idiot, I decided to respond to a PayPal phishing attempt. Am I the PewDiePie of the IT security blogging niche?

The email came from a No-Repley <no-reley@conso-supportselppl.com>. It purported to be from PayPal, without an @paypal.com email address domain. Their username wasn't even the same: "No-Repley" vs "no-reley". My account, which I hadn't used in ages, was suspended. They even had a shitty PayPal security image.



So I clicked the link "Login to your account" for the craic. My PayPal security was being handled by a third party, sigoapple.com. A South Korean Amazon rip-off. The news told me that the South Koreans were the good guys. Only an idiot would go further... a cocky idiot! So I logged in with some accurate information. Note: The "Sign up" button doesn't work.
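The three giveaways so far (sender domain, a display name that nearly matches the mailbox, and a login link on an unrelated host) can be checked mechanically. The sketch below is an added example, not part of the original post: the function names, the 0.8 similarity threshold and the sample URL's scheme and path are assumptions, and only the From header and the sigoapple.com hostname come from the text above.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr
from urllib.parse import urlsplit

BRAND_DOMAIN = "paypal.com"  # the domain the message claims to speak for

def on_brand(host, brand=BRAND_DOMAIN):
    """True only for the brand domain or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == brand or host.endswith("." + brand)

def _norm(text):
    # Compare names on letters and digits only, case-insensitively.
    return "".join(ch for ch in text.lower() if ch.isalnum())

def near_miss(display, local, threshold=0.8):
    """Display name and mailbox that almost match suggest a sloppy forgery."""
    a, b = _norm(display), _norm(local)
    if not a or not b or a == b:
        return False
    return SequenceMatcher(None, a, b).ratio() >= threshold  # assumed cut-off

def phishing_indicators(from_header, link_urls, brand=BRAND_DOMAIN):
    """Return a list of human-readable findings for one message."""
    findings = []
    display, addr = parseaddr(from_header)
    local, _, domain = addr.rpartition("@")
    if not on_brand(domain, brand):
        findings.append(f"sender domain {domain!r} is not {brand}")
    if near_miss(display, local):
        findings.append(f"display name {display!r} nearly matches mailbox {local!r}")
    for url in link_urls:
        host = urlsplit(url).hostname
        if not on_brand(host, brand):
            findings.append(f"link host {host!r} is not {brand}")
    return findings

if __name__ == "__main__":
    # From header as quoted in the post; URL constructed around the hostname it names.
    sample_from = "No-Repley <no-reley@conso-supportselppl.com>"
    sample_links = ["https://sigoapple.com/"]
    for finding in phishing_indicators(sample_from, sample_links):
        print("-", finding)
```

The suffix check with a leading dot matters: a host such as `paypal.com.example.net` contains the brand name but is not under the brand's domain.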


Very professional, they are processing something... possibly going to fuck themselves, as instructed.



I needed to fill in my name and address for some reason. Only the CAPTCHA was checking security correctly. So like a little lamb to the financial slaughter, I scurried along.


I put in some shitty credit card information. Luckily Chrome didn't suggest putting in my stored card information. It has disabled Auto-Suggest for this site. There was no error checking here.


OK, so what now? It did more processing, I felt so secure...


Then it took me back to the first login page... This was literally going to a hooker for a hug and somehow getting fucked.