I just got an email that looked all the world like it came from Paypal asking me to fill out a form supplied in the email and give my username, password, credit card #, expiration date, and PIN. This was an HTML formatted letter so all I had to do was fill out the form and press submit and all that information would have gone to where the submit button told it to go.
This seemed like an awfully insecure way of handling this data to me so I tore into the letter to see how the form behaved and where it wanted to send my information. It ends up wanting to send it to www.client-support.biz/paypal/pp.php. I fired up my web browser and went to see where this place was. It redirected me to the official Paypal website. I went to look up who owned this “client-support.biz” domain and it belongs to a “thomas liebich” in Vienna, Austria.
What this little nasty e-mail would have done, had I filled out the form with the information it asked and clicked on the submit button, is send all my information to the client-support.biz website and then immediately redirected me to the Paypal website with the proper login information and I’d have never been any the wiser. What do you want to bet that no one ate Paypal has ever made any business arrangements with “Mr. Liebich” to do anything like this?
I thought this was interesting and just thought I’d pass the information on to y’all. It’s never a good idea to fill out any of these forms that you receive in e-mail. Think real hard about the information you are submitting anywhere and consider if you really trust where this informtion will end up. Most things out there are harmless, not all though. This was one of the things that could have really bitten me.