What is a "spoof site", what is "phishing" and why do I need to know about this stuff?
By Admin
Created 1/20/2004

Critical Update: Phishing and spoof sites are reaching epidemic levels. You MUST learn about this right now and take action. While PayPal is most often the target of "spoofers," there has been a recent rash of spoof sites for almost every site on the net: PayPal, eBay, US Bank, Citibank, Wells Fargo, Bank of America, Yahoo, Hotmail, Washington Mutual, Commerce Bank, and ANY ONLINE SITE. Whatever you do, DO NOT click on the link in the email! If you actually have an account at one of the companies mentioned, go there by opening your browser and typing in the correct URL yourself.

"Spoof sites" are web sites created by criminals to trick you into giving them your information. The sites are designed to copy the exact look and feel of the "real" site, in this case PayPal.com, but in fact any information you enter will go to criminals, not PayPal. These sites can be as simple as a copy of the PayPal site made via "view, source," or they can be built using advanced scripts so that, for all intents and purposes, they look and act like the real PayPal site. After a thief builds such a site, they will usually email you (spam) saying things like "Your account is limited," or "We require additional information," or "Due to a security breach, we need to verify your information." This is known as "phishing." (Pronounced "fishing." To protect yourself against "phishing" see our Spyware Solutions page.)

In the phishing email, there will be a link. It will look like https://www.PayPal.com/..., but in fact the email will hide the real address which will either be a string of numbers, or the PayPal.com URL followed by a bunch of cryptic looking information, or even something that resembles an email address. DO NOT CLICK on these links! It's like handing your car keys over to a chop-shop. Here's an example of a spoof site below:

If you click on the graphic above, you will see a typical spoof site. Notice the "https://paypal.com/..." in the address bar. But if you right click on the page and select "properties" you will see the real URL is NOT PayPal's. Also notice they removed the bottom status bar, so you can't see the missing lock. Also note the properties dialog box shows "not encrypted" despite the "https://...." URL in the address bar. Below is a graphic showing exactly the real URL:

If you want to see this site for yourself, click here. [Previous site shut down, however I found a new one in less than 30 minutes of looking. See here or here for a less sophisticated version. (Has lots of popups.)] UNDERSTAND, THIS IS A SCAMMER'S SITE! DON'T ENTER YOUR INFO UNLESS YOU WANT YOUR BANK ACCOUNT CLEANED OUT. We hope this site will be taken down soon, so the link might not work. That's why I have the graphics, so you will know what to look for.
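The link disguises described above (a string of numbers, the PayPal.com address followed by cryptic text, something resembling an email address) can be checked mechanically by comparing what a link shows with the host it really points to. The Python below is an added example, not part of the original article; the sample message, its addresses and the finding labels are constructed, and it assumes the last two disguises are the URL form in which everything before an `@` is not the host.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message body; hosts use documentation address ranges.
SAMPLE_EMAIL = """<p>Your account is limited.</p>
<a href="http://203.0.113.7/webscr/">https://www.PayPal.com/cgi-bin/webscr</a>
<a href="http://www.paypal.com:cmd-login-83A7@3405803783/">Click here to verify</a>
<a href="https://www.paypal.com/">https://www.PayPal.com</a>"""

class LinkCollector(HTMLParser):
    """Collect (visible text, href) pairs from an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def is_numeric_host(host):
    """True for a dotted IP address or a bare integer such as 3405803783."""
    try:
        ipaddress.ip_address(host)
    except ValueError:
        return host.isdigit()
    return True

def check_link(text, href):
    """Return the warning signs found in one link (labels are hypothetical)."""
    parts = urlsplit(href)  # parts.hostname is the host actually contacted
    shown = urlsplit(text).hostname if text.lower().startswith("http") else None
    checks = [
        ("numeric-host", is_numeric_host(parts.hostname or "")),
        ("text-before-@", parts.username is not None),
        ("shown-host-differs", bool(shown) and shown != parts.hostname),
    ]
    return [name for name, hit in checks if hit]

def scan_email(html):
    collector = LinkCollector()
    collector.feed(html)
    return {href: check_link(text, href) for text, href in collector.links}
```

An empty list only means none of these disguises was found, so typing the address yourself remains the safe route.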

If you are going to continue to use PayPal, despite all the warnings on this and other sites, always go to the site yourself and type in the letters: https://www.PayPal.com. Here is what you should see:

You will notice the lock in the bottom status bar. No lock, you are not on the PayPal site. No status bar, you are not on the PayPal site. (Of course if you are on a site that has the old look, you'll know you are not on the official PayPal site.)

If you RIGHT CLICK on any blank white space on the page and select properties, it will show the real URL, which in this case is https://www.paypal.com, which is correct. Here it is a little closer up:

Also, PayPal is not the only site that suffers from spoofing. In fact any site can be spoofed. Bank of America, E-gold, Wells Fargo and others have been spoofed in the past. So, the rule is: never click on any link in an email! Spoof sites are widespread on the net, and gaining in occurrence and sophistication. You can forward suspicious e-mail to the Federal Trade Commission at uce@ftc.gov or file a complaint with the FTC. You can also forward unsolicited e-mail claiming to be from Visa or your Visa card issuer to phishing@visa.com. Additional phishing resources are available:

  • National Fraud Information Center
  • www.antiphishing.org
  • www.bbb.org/phishing
  • www.callforaction.org
  • www.consumer.gov/itheft
  • www.visa.com/phishing

Also read the forums (search for "paypal spoof") for the most up-to-date information and others' stories. Here's a thread that has more detailed information on PayPal spoofing. Our Links Page lists places where you can report fraud.