1
kurtrossel 2016-05-03 14:12:11 +08:00
央视记者看这里~~~
妈妈我上电视了~~~ :doge: |
2
holong2000 2016-05-03 14:19:07 +08:00
通过浏览器挂马泄露的吧?楼主用的什么浏览器?
|
3
123s OP |
4
123s OP @holong2000 如果是之前就泄露,为什么最近才登录? 我之前买 vps 的时候用过 paypal ,其他时候都不用
|
5
123s OP Dear Member:
Our security system detected unusual charges to a credit card linked to your PayPal account. From earlier today, your account has been temporarily limited due to the following reason: Suspicious activities triggered our security system which shows that an un-authorized user made an attempt to access your PayPal account without your consent. In order to ensure greater security, we have limited access to your account. We have sent you an attachment file which contains the required steps that allows us to restore your account access. Simply download the form and open it in your web browser. We hope that you understand that this is a security measure intended to protect you and your account. We apologize for the inconvenience. Sincerely, PayPal 再看了一下,好像不是密码问题? |
6
maddot 2016-05-03 14:30:13 +08:00
不是密码问题啊,大概是某未授权用户想通过 paypal 从你绑到 paypal 上的信用卡扣钱
|
9
Stupitch 2016-05-03 15:18:27 +08:00
我最近看过自己的 paypal 账单,完全没有问题,至于说泄密,要么你自己上钓鱼网站了,要么干脆就是 keeppass 的锅,说实话,我自己连谷歌的密码存储都信不过(不是技术方面的,万一我谷歌账号被盗了我不就完了?),所以我从来都是手打,虽然麻烦,但是安全很多
|
10
imn1 2016-05-03 15:37:43 +08:00
|
11
ETiV 2016-05-03 16:19:21 +08:00
We have sent you an attachment file ... Simply download the form and open it in your web browser.
这就是在钓鱼的吧…… |
12
jzk 2016-05-03 16:20:52 +08:00
14 年开始用,之前就泄露了。。。 op2 年都不换一次密码?
|
14
Stupitch 2016-05-03 16:35:02 +08:00
@imn1 https://support.google.com/chrome/answer/95606?hl=zh-Hans 自己看,我说的就是这个东西,万一我谷歌账号被盗了我不是彻底成 SB 了?当然,两步验证和动态登陆口令也不错,但是总感觉怪怪的,我不是很喜欢用,尤其是在大陆
|
18
wxdjs 2016-05-03 20:57:20 +08:00
@123s 我的 gmail , hotmail , outlook , msn 邮箱主密码都是固定密码+有规律的随机字符,这是我非常重要的邮箱了,绑定了 apple id 等,国内邮箱由于不太相信安全,都是另一套密码+随机字符,其它论坛等不重要的都是记住密码,
银行方面的登陆密码都是同样的密码,但不同于上述密码, |
20
bbfly8 2016-05-03 21:35:58 +08:00
结尾注明有 “ PayPal 电子邮件编号 PPxxxx - xxxxxxxx ”的
|
21
itommy 2016-05-03 22:13:08 +08:00 via iPhone
看这英文比以前的钓鱼邮件英文好多了
attachment file 我是第一次见 un-authorized 也是第一次见 greater security 怪怪的 |
22
imlonghao 2016-05-03 22:18:14 +08:00
反正不是 Dear 我的名字的我都不信
|
23
markx 2016-05-03 23:26:03 +08:00
"shows that an un-authorized user made an attempt to access your PayPal account without your consent."
说是有奇怪的人尝试登录你的帐号,并没有密码已经泄露的意思啊。 |
24
microka 2016-05-03 23:49:51 +08:00 via iPhone
标题党
|
26
ouqihang 2016-05-04 07:54:06 +08:00
@ETiV 我也觉得这段话的措辞有问题,用词和语态使用不当。
上面几位都提到了这封邮件的问题,特别是 Dear 那个,官方邮件会在最后提到 How do I know this is not a Spoof email? Spoof or ‘ phishing ’ emails tend to have generic greetings such as "Dear PayPal member". Emails from PayPal will always contain your full name. 这就很关键了,我邮箱一堆垃圾邮件都是 Dear+邮箱用户名,见到直接无视,因为我的用户名跟真名不搭边。还有把邮件标题贴出来瞧瞧,看看吓不吓人。还有收件箱里面除了 invoice 是附件外一般就没有其他类型的附件了。 |