Aye! Right!

I just got this email purporting to be from PayPal. I don’t believe the email.

Dear valued PayPal member:

It has come to our attention that your PayPal account information needs to be
updated as part of our continuing commitment to protect your account and to reduce
the instance of fraud on our website.  If you could please take 5-10 minutes out
of your online experience and update your personal records you will not run into
any future problems with the online service.


However, failure to update your records will result in account suspension.
Please update your records on or before July 06, 2007.

Once you have updated your account records, your PayPal session will not be
interrupted and will continue as normal.

To update your PayPal records click on the following link:
http://72.189.180.57/updateusersonlinesecurity.html



Thank You.
PayPal UPDATE TEAM

What makes me think it is a fake? The URL does not contain PayPal’s domain name. It is a simple IP address.

So, who owns the IP Address?

OrgName:    Road Runner HoldCo LLC
OrgID:      RRSW
Address:    13241 Woodland Park Road
City:       HerndonState
Prov:       VA
PostalCode: 20171
Country:    US

And what about the real PayPal. Their IP Address is 216.113.188.64.

Also, the email didn’t have my address in the “TO” box (So I’m guessing all the recipients were BCC’d into the list) and the reply address is no-reply@google.com.

I have sent an appropriate email to Road Runner letting them know that someone is using their servers to host phishing sites. Hopefully it can be taken down promptly to prevent any less savvy people falling victim to this really quite amaturish attempt at a phishing scam.

Tags: phishing scam paypal road runner rr