Jump to content

Wolfspirit Magic

Resident
  • Content Count

    6
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Wolfspirit Magic

  • Rank
    Newbie
  1. That is one thing a professional Attacker might hope for: People that don't think of a data leak cause they did not get a message and don't think it's logical to not target everyone at once. Why is it so hard to believe that someone might not attack everyone at once? Still nobody says, that germany is the only target. As the mail was in german the current wave looks like german only. The attacker might go and write a new mail in another language for another country soon. There are many points a region based target is better for the attacker then attacking everyone at once: - Localized Mail
  2. Nobody says, that the person behind the phishing attempts targets exclusive paypal or germany. It might be one of many waves. Who knows if the person might do a different region with a different mail (belgium or france for example) and another payment method in a month? The message was in German, there is no reason for the attacker to send the mail to everyone. All my other mailadresses (even my main google apps address) don't get many spam (maybe 2 mails per day, directly send to the spam folder, as it was the case with that mails, too) while I've 6 catchall domains and a googlemail address
  3. Domain actually is relevant. If I'd have a big list of mailaddresses, I would at first choose one region (and not english .com as that will be to obvious if I got the mails somehow from an english/american company), write a mail in that language, choose one widly used payment method and ask the user for more information. Who knows if the attacker maybe just got the german addresses somehow? The mail itself is not written in the usual "bad german" (except of a few typing issues), but even had html formatting in it. At the first view the mail looks professional. As a professional attacker is no
  4. Do you have a ".de" Mailaddress? If no, then this will explain why you did not get that phishing attempt. All my other Mailadresses with ".eu" Domain did not get it. Just the two with ".de". And it has nothing to do with paypal as the Mailaddress I used was never used for paypal. In my opinion it's an attempt on many german Secondlife mailaddresses focusing on people who might use paypal (like many people in secondlife do). Nearly every german friend I talked to yesterday got that mail to their SL Mailaddress, no matter if they use paypal or not. It's not just one. I send the plain mail to
  5. As a response to my Group Notice send out according to paypal phishing in the official Firestorm Support Group for Germany, I got many responses of people who got that mail. Everyone who got that mail, got that mail via a mailadress either used or was used for Secondlife. Also nearly every (german) friend of me got that Mail, too. I assume that especially mailadresses with ".de" were targeted as the mail is written pretty well in german. Once you enter data into the form, the link gets invalid and redirects to google with the search query "paypal.de" for me, which is a wrong redirection in the
  6. Today I got two german Paypal phishing mails. Both are mailadresses used for Secondlife. The problem is that one of the mail adresses is ONLY used for Secondlife. I've my own domain and I registered an alt account with random characters as name (catch-all, so not listed anywhere). I never entered that mailadress anywhere else then the registration form of secondlife. NEVER. The only thing I get on that mail are secondlife things and nothing else except the paypal spam today. I'm using Google Apps. I am more sure then anything that the phishers got the mailadress from Secondlife. There is NO
×
×
  • Create New...