James O'Neill's Blog

September 21, 2006

Get Safe On-Line, Richard Hammond, and Paypal

Filed under: Security and Malware — jamesone111 @ 11:58 am

We’re getting ready to re-run the Get Safe Online campaign. I worked on it last year in my old role, which was how I first got to know Steve. TV presenter Richard Hammond was involved in last years launch, and those who worked with him came back saying what a nice chap he was and how he was genuinely interested (rather than turning up to be a famous as some celebreties do). So it was extra sad for us to hear he had been bad hurt and was “Critically ill” in hospital after an accident filming for the Top Gear programme yesterday. It’s good to hear in this morning’s news that he is improving; we hope he makes a full and speedy recovery.

E-bay were one of the sponsors of GSOL last year, and their PayPal subsidiary are obviously thinking about get safe on line, they sent me a mail overnight entitled “Learn how to spot fake emails and stay safe online.”

Paypal have prepared a  list of tell tale signs for spoof mail. Lets apply their guidelines to their message


  1. Generic greetings.
    It’s addressed to me, not “Dear customer”, so that looks OK.
  2. A fake sender’s address.
    It says it’s paypal@email.paypal.co.uk  Fake ? Genuine ? I can’t tell, and mail addresses are easy to spoof.
  3. A false sense of urgency.
    This one doesn’t seem urgent.
  4. Fake links. (Which take you to a spoof website, Install spyware, or cause you to download a virus)
    Fake links. They have a link to  http://email1.paypal.co.uk/u.d?Flk0gMzpcUFlw9=11 is that fake or genuine?  Oh oh! This might be a phishing mail.
  5. Emails that appear to be websites.
    It sure looks like their web site… this is begining to look like a phising mail.
  6. Deceptive URLs. (if you see an @ sign in the middle of a URL, there’s a good chance this is a spoof …  other examples of deceptive URLs include: http://www.paypalsecure.com, http://www.paypa1.com, http://www.secure-paypal.com, and http://www.paypalnet.com. Always log in via the home page   Never  from a link in an email)
    But the want me to go to a a website from a link in this mail !! Lets check the Pay Pal home page – no there are no links to any of these things there.
  7. Misspellings and bad grammar.
    I couldn’t find any.
  8. Unsafe sites. (If you don’t see “https,” you’re not in a secure web session, and you should not enter data.)
    And this links to an HTTP url on an HTTPS one (though it never asks for data)
  9. Pop-up boxes.
    No we don’t have any of those
  10. Attachments.
    No clickable attachments either

 So the Message to paypal would be … when warning people about links in mail, don’t do it with a link in an a mail !! And if your running a campaign, put a link on your home page for it


Tagged as Microsoft Get Safe On-line phishing PayPal Richard Hammond

This post originally appeared on my technet blog.


Blog at WordPress.com.

%d bloggers like this: