

PayPal Hacked? No, phishing just got more sophisticated - X4

I got an email, purposely by PayPal, saying that my account was limited temporarily, due to foreign access to it. Sounds convincing, eh? No typos, the image URLs are all from PayPal, so there is no normal way you can find out that this email is not from PayPal, but looking into the source.

Hey wait.. it's base64 encoded and the HTML part looks legit, no invalid URLs. But something isn't right. The verification link shows a valid PayPal URL, but when hovered, it links to a URL shortened by http://tr.im/ that's odd.

Because javascript is not disabled for trusted domains only, this could've tricked me. The attacker used a legitimate PayPal SMTP server, and passed the SPF test. Idk how. This email has everything right, name, email etc. Seems that an online shop I used got hacked (looking at you Adobe). I didn't click. It admittedly surprised and concerned me though. But getting told that you got hacked, makes you sensitive. I'm on a hardened OS and kernel, having hardware and software firewalls and IDS running. That's good enough for a false feel of security only. More important: Disable all browser plugins! That's worth more than an IDS system, trust me.

How can you too avoid getting skimmed by ultra sophisticated and highly targeted attacks like this? I don't know. But you can generate a new email for each service you use and set up a Catch-All email address wildcard that forwards to your central inbox. Usage: google@domain.org, amazon@domain.org This can help you identify who sold your data address. To kill the spam, just delete adobe@domain.org

Never use info@ or you will get spam without registering anywhere.
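The check the post describes doing by hand (decoding the base64 HTML part and comparing what a link displays with where it actually points) can be automated. The following is an added example, not part of the original post; the sample message is constructed, and the shortener path `EXAMPLE` and the names `SAMPLE` and `mismatched_links` are placeholders chosen for illustration.

```python
import base64
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: base64-encoded HTML part whose link text shows a
# paypal.com URL while the href goes to a shortener (placeholder path).
_HTML = ('<p>Your account is limited.</p>'
         '<a href="http://tr.im/EXAMPLE">https://www.paypal.com/verify</a> '
         '<a href="https://www.paypal.com/help">Help</a>')
SAMPLE = ("Subject: Account limited\nMIME-Version: 1.0\n"
          "Content-Type: text/html; charset=utf-8\n"
          "Content-Transfer-Encoding: base64\n\n"
          + base64.encodebytes(_HTML.encode()).decode())

class _Links(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _host(url):
    # Accept bare "www.paypal.com/x" as well as full URLs.
    return (urlparse(url if "://" in url else "//" + url).hostname or "").lower()

def mismatched_links(raw_message):
    """Return (shown_host, real_host, href) where link text and href differ."""
    found = []
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() != "text/html":
            continue
        parser = _Links()
        body = part.get_payload(decode=True)  # undoes base64/quoted-printable
        parser.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
        for href, text in parser.links:
            shown, real = _host(text), _host(href)
            if "." in shown and " " not in text and shown != real:
                found.append((shown, real, href))
    return found
```

Links whose visible text is a phrase rather than a URL (such as "Help" in the sample) are skipped, so this only catches the specific trick of displaying one host while linking to another.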
======
fuj
No offense, but if you got a phishing email from a PayPal SMTP server then
that is more important than the PSA of your last paragraphs. Report it to
PayPal asap.

------
zaroth
I think PayPal might be interested in the headers if it did actually come from
their server.

