I purchased an article directory script that (somehow) allowed the hacker to upload a phishing script to my server through the "upload photographs" feature. Fortunately, it was caught and removed within an hour of being uploaded (along with the script!), but not before I got this horrifying email from eBay (below). It is an email I don't want to receive again!
Here's the letter. I removed my site name (of course!).
Dear yoursite.com |
We have just learned that your service is being used to display false, or "spoofed," PayPal.com pages, in an apparent effort to steal personal and financial information from consumers, and defraud PayPal users. Specifically, it appears that a yoursite.com user is sending unsolicited messages which misrepresent the sender as PayPal, and making false statements that encourage the recipient to go to a page hosted by you at
asking to enter personal and account information. The purloined information is then sent to an email account and, based on our investigation of similar schemes, used to steal accounts and commit other fraudulent acts including international credit card and wire fraud.
This matter is urgent - we believe that consumers have been falsely directed to this page and may be fooled into divulging personal information to a criminal, if the page is not immediately disabled. We ask that you immediately disable the site at http://www.yoursite.com/Paypal/, as well as any associated email addresses, so that this fraudulent scheme can be stopped. We further request that you provide us with all contact information that you have for this user so that we may provide this information to the proper law enforcement authorities.
While we believe that the above information gives your company more than a sufficient basis for disabling the page immediately, out of caution we note that your user's unauthorized reproduction of PayPal's trademark and copyrighted materials violates federal law, and places an independent legal obligation on your company to remove the offending page(s) immediately upon receiving notice from PayPal, the owner of the copyrighted materials. Accordingly, the information below serves as PayPal's notice of infringement pursuant to the Digital Millennium Copyright Act, 17 U.S.C. Section 512
I, the undersigned, CERTIFY UNDER PENALTY OF PERJURY that I am the agent authorized to act on behalf of the owner of certain intellectual property rights, said owner being named PayPal, Inc. I have a good faith belief that the website located at URL http://www.yoursite.com/Paypal/ has its copyright in each page of its website and associated source code. Please act expeditiously to remove or disable access to the material or items claimed to be infringing.
We sincerely appreciate your immediate attention to this important matter. We would also appreciate if you would take steps to confirm the accuracy of any contact information that your user may have provided to you in establishing the account. Should you have any accurate information that could assist PayPal and law enforcement in tracking this individual, we would greatly appreciate your assistance, as we know that you do not condone the use of your services for such criminal purposes.
Finally, please be advised that we have referred this issue to the Federal Bureau of Investigation for their investigation. The F.B.I. has requested that we convey to you in this message their request that you preserve for 90 days all records relating to this web site, including all associated accounts, computer logs, files, IP addresses, telephone numbers, subscriber and user records, communications, and all programs and files on storage media in regard to all Internet connection information, pursuant to 18 U.S.C. section 2703(f). While we do not act as an agent of the FBI in conveying this request, we do intend to fully cooperate with their investigation, and encourage you to do so as well.
Audit and Investigations
Get automated, real-time notifications of new phishing attacks! Join the Phish Report Network as a RECEIVER today! Phish Report Network: Fighting Online Fraud
Also, don't just purchase any script from "just anybody" - check them out first. It's no fun to be hacked!