1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Watch Out! PayPal Spoof Site

Discussion in 'BlackHat Lounge' started by The Scarlet Pimp, May 11, 2010.

  1. The Scarlet Pimp

    The Scarlet Pimp Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 2, 2008
    Messages:
    788
    Likes Received:
    3,127
    Occupation:
    Chair moistener.
    Location:
    Cyberspace
    • Thanks Thanks x 2
  2. Deviance

    Deviance Regular Member

    Joined:
    Apr 14, 2009
    Messages:
    205
    Likes Received:
    143
    Yeah, who would have known that a website named ''Snazzycat'' isn't really PayPal's official website.

    Thanks for the tip!
     
    • Thanks Thanks x 4
  3. The Scarlet Pimp

    The Scarlet Pimp Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 2, 2008
    Messages:
    788
    Likes Received:
    3,127
    Occupation:
    Chair moistener.
    Location:
    Cyberspace
    ha! well i picked up on the 'snazzycat' domain (thot it was pretty stupid) but there are actually a good number of people who wouldn't look at the url.

    maybe they deserve to get taken to the cleaners... :confused:

    you may not be aware of this, but there are a lot of not-too-brite people surfing the net who get taken by scammers!

    seriously! it's true.

    hmmm... perhaps i've said too much...

    >snicker!<
     
  4. Deviance

    Deviance Regular Member

    Joined:
    Apr 14, 2009
    Messages:
    205
    Likes Received:
    143

    Hah, why else do you think us blackhatters are so succesful ;)?
     
  5. evilman11

    evilman11 Junior Member

    Joined:
    Apr 6, 2009
    Messages:
    149
    Likes Received:
    418
    Occupation:
    chillin at bhw and internet marketing
    Location:
    on the net making my pockets fatter
    heh, and the site isn't even secure which any paypal page that your on even when you arrive at the site is(http and not https). fail...
     
  6. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    This info is all well and good for the informed but the average home pc user would fall strait into that trap. It's a pretty good phishing page and I would
    imagine they harvested quite a few accounts before being put on the danger list.
     
  7. eshelt

    eshelt Junior Member

    Joined:
    Jan 11, 2010
    Messages:
    146
    Likes Received:
    87
    Most likely fake but, here is the who is data if anyone wants to track down the phisher:

    phoenix
    3246 E. Drive
    Los Angeles, California 91206
    United States

    Domain Name: SNAZZYCAT.COM
    Created on: 12-Jun-04
    Expires on: 12-Jun-10
    Last Updated on: 13-Jun-09

    Administrative Contact:
    mirzaian, leon
    phoenix
    3246 E. Drive
    Los Angeles, California 91206
    United States
    8182445487 Fax --
     
  8. evilman11

    evilman11 Junior Member

    Joined:
    Apr 6, 2009
    Messages:
    149
    Likes Received:
    418
    Occupation:
    chillin at bhw and internet marketing
    Location:
    on the net making my pockets fatter
    yeah thats pretty much true. they did a pretty good job of copying the lp and theres no doubt that they phished quite a few accounts. i'm just glad that theres such an abundant amount of these people that aren't all that computer savvy and technically literate cause if there wasn't, i'd have to find a new line of work. :rolleyes:
     
  9. evilman11

    evilman11 Junior Member

    Joined:
    Apr 6, 2009
    Messages:
    149
    Likes Received:
    418
    Occupation:
    chillin at bhw and internet marketing
    Location:
    on the net making my pockets fatter
    if thats the owners real information, that fucking epic lulz... what kind of idiot makes a phishing site and doesn't get whois protection. it's possible that he payed for the domain and everything else with a phished account and thats the info of a phished user, or the person is just a jackass that didn't get whois protection lmao.
     
  10. GreyWolf

    GreyWolf Executive VIP Jr. VIP

    Joined:
    Aug 17, 2009
    Messages:
    1,930
    Likes Received:
    5,389
    Gender:
    Male
    Occupation:
    Artist / Craftsman
    Location:
    sitting at my PC
    The info probably isn't fake. But the snazzycat people probably don't know anything about it.

    Most of these phishing sites are hosted on unsuspecting websites. The files are uploaded to the site by a virus or they hacked the site. Until the owner finds themselves on the google blacklist they won't even realize the files are on their host. If they aren't maintaining the site regularly they might not know about it for months unless someone contacts them.
     
  11. destinyknight

    destinyknight Newbie

    Joined:
    Nov 11, 2009
    Messages:
    13
    Likes Received:
    4
    Interesting, Opera flags this as a fraud site. There is a fraud entry page alert and then a big red fraud favcon in the address bar. I wonder how it looks in IE 6.0.
     
  12. The Scarlet Pimp

    The Scarlet Pimp Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 2, 2008
    Messages:
    788
    Likes Received:
    3,127
    Occupation:
    Chair moistener.
    Location:
    Cyberspace
    Indeed! When I got the email that final destination link was hidden behind text ("Click Here To Continue"), and it was inside of an i-frame.

    It wouldn't fool the regulars here, but many people don't know about things like i-frames and spoofing.

    I thot it was kinda funny due to the lameness. Scary that people fall for it! :stickp4:
     
  13. WizGizmo

    WizGizmo Super Moderator Staff Member Premium Member

    Joined:
    Mar 28, 2008
    Messages:
    3,841
    Likes Received:
    55,442
    There is a lot of that going around. I have also seen this done with AOL accounts.