[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Wednesday, 19 November, 2003, 08:45 GMT
Virus tries to con PayPal users
Computer keyboard
There has been a spate of such scams recently
Security experts are warning e-mail users about a virus which tries to fool people into giving away bank details.

Mimail.J targets customers of web payment system PayPal, and is the latest "phishing" scam, which tries to dupe users of financial services.

The worm travels as an attachment to a convincing e-mail, but once opened copies itself to other addresses.

Experts warn that the Windows virus is set to spread more rapidly and say users should ignore and delete it.

Fake page

The e-mail pretending to be from PayPal has the subject line "important" and the attachments carrying the worm are called InfoUpdate.exe or www.paypal.com.pif.

The message content warns the receiver their account is about to expire and urges them to update their credit card details.

It also asks for other important details such as mother's maiden name and social security number that many sites use as an additional security check.

Any criminal getting hold of these details could also use them to steal identities.

Once opened, the worm launches a fake PayPal verification window which, once filled out, sends the card details to a remote server.

The spoof e-mail is the latest example of a malicious virus that tries to con people out of money, rather than just cause annoyance and inconvenience.

Users of Microsoft Windows 95,98, 2000, NT, Me and XP are vulnerable to the malicious program.

MIMAIL.J DETAILS
Screengrab of the Mimail.J virus
From: Do_Not_Rely@paypal.com
Subject: Important (followed by blank spaces and random characters)
Attachment: www.paypal.com.pif or infoupdate.exe
Size: 13,856 bytes
"This suggests that the mindset of the virus author is changing," says Mark Sunner, chief technical officer at net security firm MessageLabs.

"We are now seeing a new breed of cyber-criminal intent on using viruses as a means of lining their own pockets."

He says the virus writers are taking a "hit-and-run" approach, intending their wares to be short-lived.

"They rely on duping a crop of unsuspecting users before a new variant is released and the process begins again," he says.

The worm was first spotted on Monday and is thought to have originated from France.

But analysts say the majority of e-mails sent have come from the USA and it is spreading quickly.




SEE ALSO:
Users face malicious web attacks
08 Nov 03  |  Technology
A glimpse inside the virus writer
05 Nov 03  |  Technology
E-mail scam targets Nationwide
27 Oct 03  |  Business
New Windows virus hits computers
28 Oct 03  |  Technology
Devious virus attacks on the rise
02 Oct 03  |  Technology
E-mail scam targets online bank
26 Oct 03  |  Business
Scam targets NatWest customers
24 Oct 03  |  Business
Lloyds TSB e-mail scam alert
24 Sep 03  |  Business
Scam targets Barclays customers
13 Sep 03  |  Business


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific