PayPal phishing victims

UPDATE: It appears the site is offline now. The people listed below (and possibly others) still exposed their information to an unknown number of people and should take the necessary precautions. However, no new victims should be able to fall for this now.

Today I received one of those typical “Your PayPal account has been locked and you need to submit all your personal information to us to reset it” phishing emails.  Because I’m a geek, I investigated it to see what it was trying to do with my info.  I found that the submitted information was stored in a plain text file accessible to the general public.  I found that 11 people had already submitted a bunch of their personal information (name, address, phone number, mother’s maiden name, date of birth, Social Security number, and credit card number).  While submitting this to a phisher is bad enough, this phishing site is so simple that anyone with a little bit of technical knowledge can see everything that was submitted.

James Sanders
Jose Gonzalez
Susan Townsley
Lisa Siders
Lejsek Antonin
Jonathan Donald
Fred Grothe
Judy Stump
John Howard Sanden
Valerio Varela, Jr.
Robert Hastings
Janice Dawson
Marc Farley
Julie Luckasen
Horst Albert Gunter Kranz
Mellie Cran
Steven Swift
Dave Smith
Miguel Montano
Ed Longanecker
Wesley Kitten
RoyAnne Neely-Morrison
Tom Niebur
Cristina Bernar
Verlee Sanneman
Mike Roark
Jeff Richker
Holly Fuller
Thomas Mannino
Kathleen Shea
Rick Bodenschatz
Judith Foster
James Zimmerman
Genie Bost
Elizabeth Smith
Ann M Condit
Pamela Clement
Priscilla Khanoyan
Gardner Brooks
Larry Thompson
Scott Smartt
Christina Gietzen
Lance Kepler
Dr. P. Rory O’Neill
Linda Nickell
Neil Yontz

It appears you received an email that looked like this:
PayPal phish body

The attached form looked like this:
PayPal phish body

The information you submitted is now in the hands of scammers, as well as anyone savvy enough to examine the phishing email. At the very least, those credit card numbers should be cancelled immediately. Unfortunately, the rest of your info can’t simply be cancelled out like that. You should follow the advice at for taking care of the compromised information.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: This post is over 5 years old. You may want to check later in this blog to see if there is new information relevant to your comment.