During the past week PayPal subscribers have been targeted by fraudulent e-mails that appear to be from PayPal, according to an eBay spokesman.
The e-mails - probably sent to a group of internet users rather than to specific PayPal subscribers - inform recipients that their PayPal accounts were randomly selected for regular security-related maintenance and put on limited-access status, according to a posting to Netsys.com's Full Disclosure mailing list.
Users are told that to restore their accounts to their regular status, they must confirm their e-mail addresses by logging into their PayPal accounts using a form embedded in the e-mail and provide their e-mail address, password, bank account number, and credit card number and expiration date.
However, according to the poster, the data was not going to PayPal, but rather to an .ru host (.ru is the two-letter code for Russia). "This is a phenomenon that is really persistent," the eBay spokesman said. "We first noticed it early in 2002."
He said that although eBay has tried to determine who is responsible for sending the bogus e-mails, catching perpetrators isn't easy. Because eBay usually doesn't learn of an e-mail scam until 24 to 48 hours after it has hit users' in-boxes, the scam artists have already shut down the fraudulent site and are long gone.
The online auction house eBay is now testing a system to designed to detect spoof sites.