Paypal Virus Headsup

[silencio]

Computer Virus Attempts
PayPal 'Phishing' Scam
By RIVA RICHMOND
DOW JONES NEWSWIRES

An e-mail virus designed to facilitate a PayPal "phisher" identity-theft scam is circulating among computer users globally.

Though the virus, which first surfaced late Thursday, hasn't become a large outbreak as of yet, computer-security companies warned that it poses a considerable danger to consumers who may fall victim to a phony request for credit-card information from PayPal, eBay Inc.'s online payment unit.

The virus, the ninth variation of the "Mimail" virus that first appeared in August, arrives as an attachment to an e-mail with a "from" address that is forged to appear to be from PayPal. It has the subject line "YOUR PAYPAL.COM ACCOUNT EXPIRES," and its message asks PayPal users to update their account settings with a host of personal information.

The Mimail viruses have been at the leading edge of an evolving online scam known as "phishing," in which thieves send consumers e-mails that appear to come from major corporations and direct them to divulge personal data, such as credit-card information and social-security numbers. Most phishing scams have been delivered by massive spam blasts, but viruses have become the latest mechanisms because of their ability to spread far and wide.

The latest version, which is known as "Mimail.I," is the most convincing Mimail ploy yet, said Mark Sunner, chief technology officer at e-mail filtering firm MessageLabs. "The perpetrator is obviously trying very hard to make this thing look authentic," he said. "Because we're seeing more of them, obviously this is proving very successful."

MessageLabs has blocked more than 2,100 copies of the latest Mimail virus coming from 34 countries. Its forerunner, "Mimail.A," is the sixth most active virus of all time, according to the firm, which has stopped 1.2 million copies of that virus coming from 164 countries.

Ironically, the Mimail.I's creator plays on computer users' security fears to gain their compliance, writing in the e-mail message: "We are taking these actions because we are implementing a new security policy on our website to insure everyone's absolute privacy."

The recipient is asked to run an attached program that is supposedly safer than sending an e-mail. Clicking on the attachment, which reads either "www.paypal.asp.scr" or "www.paypal.com.scr.", activates a program that generates a dialog box displaying a PayPal logo that requests information such as credit-card number, PIN number, card expiration date and the three-digit security code printed on the back of cards. The resulting file of information is then sent off to the fraudster, while a viral mechanism resends the e-mail out to addresses it finds in the victim's hard disk.

[Orangeman]

I've gotten this sort of thing from Ebay, Paypal, Amazon, Aol and some others. It usually comes right after I've just updated my account.

I never give my info out now unless I verify it over the phone first...