This is Advanced Corporate Planning.comThis is Advanced Corporate Planning.com
 
Home  |  Contact Us  

Paypal Scam #3

New worm W32/Mimail-I uses PayPal scam to spread on the Internet

A new e-mail worm is spreading on the Internet and posing as a message from PayPal Inc. in an effort to harvest credit card numbers and account passwords. W32/Mimail-I is a new version of the Mimail worm, which first appeared in August, and is believed to be the first e-mail worm specifically designed to steal personal financial and account information.

Mimail-I first appeared late yesterday in what antivirus experts believe was a massive e-mail "seeding," in which spam programs are used to distribute messages containing the virus attachment, according to Craig Schmugar, a virus research engineer at McAfee Anti-Virus Emergency Response Team, (part of Network Associates Inc.).

Like earlier editions of Mimail, the I-variant can also spread by itself. The worm contains its own SMTP (Simple Mail Transfer Protocol) e-mail engine and harvests e-mail addresses from victims' computers. Unlike earlier versions of Mimail, MiMail-I contains a message that tells recipients that their PayPal account will soon expire and that they need to re-enter their credit card information through "our secure application," referring to the executable file attached to the e-mail message.

When users click on the file attachment, the worm opens a window on their desktop that displays the PayPal logo and contains fields for entering their PayPal account password and credit card information. Information that is entered into the fields is sent to four e-mail accounts belonging to Internet domains in the Czech Republic. Typically, phisher scams use spam to drive unwitting Internet users to phony Web sites, where their information is captured.

In July, the FBI and Internet service provider EarthLink Inc. warned about a spike in such scams since the beginning of 2003. Coupling such scams with a self-spreading e-mail worm is a new twist and is probably designed to increase the number of potential victims exposed to the scam. However, the new worm's similarity to earlier versions of e-mail scams, coupled with the suspicious attachment and poor spelling probably mean that Mimail-I will not create a large number of new identity-theft victims.


NOTE: ALL information contained in this site is for illustration purposes only, and by NO means should be considered individual tax or legal advice under any circumstances whatsoever!

Lynn R. Siewert AIMC
Pension Consultant   |   Branch Manager
CA Insurance License #00B00579
2005 E. Evergreen Blvd
Vancouver, WA 98661

First Allied Securities
Securities Offered Exclusively Through
First Allied Securities, Inc.       Member NASD/ SIPC
All other products and services provided exclusively through Advanced Corporate Planning

This site is published for residents of the United States only. First Allied Securities' Financial Advisors may only conduct business with residents of the states for which they are properly registered. Therefore, a response to a request for information may be delayed. Please note that not all of the investments and services mentioned are available in every state. Investors outside of the United States are subject to securities and tax regulations within their applicable jurisdictions that are not addressed on this site. Contact your local First Allied Securities office for information and availability.
© 2006 Advanced Corporate Planning
All rights reserved