Update: PayPal users getting hit by Phone Phishers:
Quote:Hi-tech fraudsters are attempting to trick PayPal users into calling a phone number and giving over sensitive credit card account information.
The tactic follows the same patterns as a recently detected "phone phishing" attack targeting customers of the Santa Barbara Bank & Trust. The attack on PayPal shows that the approach is going mainstream.
As before, the PayPal attack with a spoofed email message that claims that the recipient's account has been the subject of fraudulent activity. Instead of seeking to persuade users to visit a bogus website, these emails urge users to phone a number and verify the details of the credit or debit card "PayPal has on file"...
full article, plus copy of email, and recording of phone message:
http://www.theregister.co.uk/2006/07/07/...one_phish/
The phishers are verifying the card details when people call. The verification is the first clue it's not really PayPal...just kidding (or not).
Quote:the email urges the recipient to call a phone number and verify their details. When dialled, users are greeted by an automated voice saying:
"Welcome to account verification. Please type your 16 digit card number."
Once the credit card details are entered, the scammer is free to steal the information for their own gain. If incorrect card details are entered, a request for re-entry is made, further enhancing the legitimacy of the fraudulent telephone number, which is still live.
http://www.sophos.com/pressoffice/news/a...alvox.html
Phishers always stay one step ahead of everybody and change their methods real fast. :-\