|
1
|
|
|
2
|
|
|
3
|
|
|
4
|
|
|
5
|
|
|
6
|
|
|
7
|
|
|
8
|
|
|
9
|
|
|
10
|
|
|
11
|
|
|
12
|
|
|
13
|
|
|
14
|
|
|
15
|
|
|
16
|
- Right-click on the message.
- Select “View Source”
- The source code will open in Notepad.
- Edit -> Find
- Search for “http”
- Message 1 Source Message 2
Source
|
|
17
|
- <a href=http://www.topcc.org>
- <a href=“http:// 211.202.2.79/login.asp”>
- <a target=_new https://site.com/etc>
- <img src="http://images.paypal.com/logo.gif”>
- The URL may or may not have quotes around it.
- It may have other code between “<a” and “http”.
- It may be https instead of just http.
- It may be a link to an image instead of a page.
|
|
18
|
- You may see something like href=/exchweb/bin/redir.asp? before the
actual URL.
- Just ignore that part and look for what’s after http.
- Source code for web-based email will have added code.
|
|
19
|
- http://211.202.2.79/~funkeyboy/.../.www.paypal.com/www.paypal.com/cgi-bin/webscrcmd_login.php
(Obviously not the PayPal site.)
- https://www.paypal.com/row/PREFS-NOTI
(Actually DOES go to the PayPal site.)
|
|
20
|
- https://www.paypal.com/us
- https://www.paypal.com/us/securitytips
- https://www.paypal.com/us/VERIFY
- https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run
- https://www.paypal.com/us/PREFS-NOTI
|
|
21
|
|
|
22
|
|
|
23
|
- Never click on a link in a suspicious email.
- Instead, type the link into your browser manually.
|
|
24
|
- Now you know why spam filters may have a hard time figuring out if a
message is spam or not.
- Many fake messages look just like real messages.
|
|
25
|
|
Notes