Email scam defrauds Net users

Internet users warned of PayPal email scam

Fraudsters have launched an online scam designed to steal bank account information from unwitting Internet users, after promising them $200 (£137) in a fake email.

A spoof email message, which falsely claims to have been sent from an AOL account, tells the recipient they have been paid $200 though PayPal, a online payment system, but then forwards them to a counterfeit PayPal Web page created to entrap their account information.

This scam exploits one of many methods for transferring funds over the Internet securely. The real PayPal acts as an authority in online transactions, authenticating the identity of both parties and once a customer has registered with PayPal, access to their account -- protected by username and password -- provides a means of transferring money in and out of their bank account.

Experts are warning users not to be duped by such a suspect offer. "If they receive an email, people need to do a sanity check," says Graham Cluley, senior technologist with UK computer security firm Sophos.

While Internet scams are nothing new, Cluley says that they are becoming ever more sophisticated. "Certainly I think hackers and the like are getting more cunning. It's very easy to set up a Web page for people to enter password information."

The email comes with the message "Betty Hill has just sent you $200.00 with PayPal" and it is thought to have originated in the Philippines.

Cluley says another common problem lies in the fact that many people use the same username and password for a variety of online services. Once this information has been captured, various accounts will be open to attack.

Take me to Hackers

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the ZDNet News forum.

Let the editors know what you think in the Mailroom. And read what others have said.