I got an email this morning asking me to update my ebay account information (or my account would be frozen). I was suspicious, of course. My text-based mailreader mutt rendered the link as http://www.paypal.com/cgi-bin/webscr?cmd=_login-run, but when I inspected the HTML it actually points to update.paypal-verifications.net.
A google search on “paypal-verifications.net” gives almost no results.
It’s obvious now that this is a scam, because paypal doesn’t own “update.paypal-verifications.net.” If you go to the domain, you’ll see a look-alike PayPal login screen, which presumably is there to collect your paypal login and do nefarious things with it, like steal money.
So I thought I’d do my little part by making it clear that update.paypal-verifications.net is a scam, and someone should shut down that website ASAP. In the meantime, at least this bit of information should show up in google searches soon.
As a general matter, for the less fraud-savvy of you out there, always beware of emails along these lines. I’m not sure there’s any bright line test to immediately recognize fraud, but at least pay attention to the actual URL, and ask yourself whether the whole thing makes sense.
Update: Someone who read this entry contacted the abuse division of afraid.org, the (free) DNS provider for paypal-verifications.net. The domain name has now disappeared from the DNS.