CastleCops, Internet Crime Fighters
PayPal Phone phishing?

 
MAPKOBKA
Posted: Sat Jan 19, 2008 11:06 pm    Post subject: PayPal Phone phishing?

Hi guys, just got this in my inbox. Gmail spam filter completely missed it..... How can we shut this SOB down?

Delivered-To: @gmail.com
Received: by 10.100.143.5 with SMTP id q5cs104890and;
Sat, 19 Jan 2008 14:07:14 -0800 (PST)
Received: by 10.78.171.20 with SMTP id t20mr7206530hue.41.1200780433244;
Sat, 19 Jan 2008 14:07:13 -0800 (PST)
Return-Path: <info@customer-paypal.com>
Received: from worldlinkits.com (mx.worldlinkits.com [88.96.2.186])
by mx.google.com with ESMTP id k10si9725141nfh.17.2008.01.19.14.07.11;
Sat, 19 Jan 2008 14:07:13 -0800 (PST)
Received-SPF: neutral (google.com: 88.96.2.186 is neither permitted nor denied by best guess record for domain of info@customer-paypal.com) client-ip=88.96.2.186;
Authentication-Results: mx.google.com; spf=neutral (google.com: 88.96.2.186 is neither permitted nor denied by best guess record for domain of info@customer-paypal.com) smtp.mail=info@customer-paypal.com
Received: from User ([89.36.41.147] RDNS failed) by worldlinkits.com with Microsoft SMTPSVC(6.0.3790.1830);
Sat, 19 Jan 2008 22:06:09 +0000
Reply-To: info@customer-paypal.com
From: PayPal<info@customer-paypal.com>
Subject: Your account will be limited !
Date: Sat, 19 Jan 2008 04:31:18 +0200
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Bcc:
Return-Path: info@customer-paypal.com
Message-ID: <WITSDC01lNY30kkZIhT00000200@worldlinkits.com>
X-OriginalArrivalTime: 19 Jan 2008 22:06:09.0475 (UTC) FILETIME=[7F009930:01C85AE7]


Body:

Dear PayPal Customer,

You Have 1 New Security Message!

Call and resolve the problem.

Call our Card Department at (202)-449-5169



Thank you for using PayPal
The PayPal Team Account Department

---------------------------------------------------


PayPal Email ID PP2921
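
A defender-side triage of the headers quoted in the post above, as an added example that is not part of the original thread. The function name `triage`, the finding labels, the `brand`/`brand_domain` parameters and the 12-hour skew threshold are choices made for this illustration; each finding is a weak signal on its own and is meant to be read together with the others.

```python
import re
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Headers and one body line copied from the message quoted in the post above.
RAW = """\
Received: from worldlinkits.com (mx.worldlinkits.com [88.96.2.186])
 by mx.google.com with ESMTP id k10si9725141nfh.17.2008.01.19.14.07.11;
 Sat, 19 Jan 2008 14:07:13 -0800 (PST)
Received-SPF: neutral (google.com: 88.96.2.186 is neither permitted nor denied by best guess record for domain of info@customer-paypal.com) client-ip=88.96.2.186;
Received: from User ([89.36.41.147] RDNS failed) by worldlinkits.com with Microsoft SMTPSVC(6.0.3790.1830);
 Sat, 19 Jan 2008 22:06:09 +0000
From: PayPal<info@customer-paypal.com>
Subject: Your account will be limited !
Date: Sat, 19 Jan 2008 04:31:18 +0200

Call our Card Department at (202)-449-5169
"""

def triage(raw, brand="paypal", brand_domain="paypal.com", max_skew_hours=12):
    msg = message_from_string(raw)
    findings = []
    # 1. Brand named in the From header, but the domain is not the brand's.
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower()
    genuine = domain == brand_domain or domain.endswith("." + brand_domain)
    if brand in (name + " " + domain).lower() and not genuine:
        findings.append("brand-lookalike-sender")
    # 2. Receiver's SPF verdict: anything other than "pass" is worth noting.
    spf = (msg.get("Received-SPF") or "missing").split(None, 1)[0].lower()
    if spf != "pass":
        findings.append("spf-" + spf)
    # 3. Received headers are prepended, so the last one is the first hop.
    hops = msg.get_all("Received", [])
    if any("rdns failed" in hop.lower() for hop in hops):
        findings.append("origin-rdns-failed")
    # 4. Client-set Date far from the time the first relay stamped.
    if hops and msg.get("Date"):
        stamped = parsedate_to_datetime(hops[-1].rsplit(";", 1)[-1].strip())
        claimed = parsedate_to_datetime(msg["Date"])
        if abs((stamped - claimed).total_seconds()) > max_skew_hours * 3600:
            findings.append("date-skew")
    # 5. Phone-phishing shape: a callback number and no link in the body.
    body = msg.get_payload()
    if re.search(r"\(?\d{3}\)?[-. ]?\d{3}[-. ]\d{4}", body) and "http" not in body.lower():
        findings.append("callback-number-no-url")
    return findings

print(triage(RAW))
```

With no URL in the body there is nothing for a link-reputation check to score, so the header signals above are what a mail filter has to work with for this kind of message.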

MAPKOBKA
Posted: Sat Jan 19, 2008 11:11 pm

I have just called that number......



It is automated, asking for card numbers, pin, the works.


"Dear paypal customer, your account has been selected for regular maintenance, please enter your card number followed by the something key to continue......"


_________________
Kaspersky Lab Forum Moderator
KL Cert PSP
Virusinfo.info External Specialist
Alliance of Security Analysis Professionals Member
http://malwarecrawler.com - honeypot@malwarecrawler.com

eaglewolf
Posted: Sun Jan 20, 2008 6:18 am

This is being worked on at the network security level.

Thanks ...

ew

eaglewolf
Posted: Tue Jan 22, 2008 7:21 pm
Almost forgot to report back!

Phone line has been disconnected .. it just rings to a disconnect.

Thanks for reporting it!

pwillener
Posted: Wed Jan 23, 2008 2:12 am

What I am wondering: can't law enforcement easily find who registered that phone number, and make a case against the culprit? Or can telephone numbers (in the U.S.) be registered as anonymously as domain names?

eaglewolf
Posted: Wed Jan 23, 2008 6:41 am

The short answers are:

yes
maybe .. not always
yes

:)

MAPKOBKA
Posted: Wed Jan 23, 2008 11:57 am

I think it is becoming increasingly easier to register fraudulent phone numbers for these types of purposes, especially with the rise of VoIP communications. If I am not mistaken, you can register a number like that through Skype or a similar service, using a stolen credit card or something, that way almost 0 chance of getting caught :(


eaglewolf
Posted: Wed Jan 23, 2008 3:49 pm
That's entirely true. Check out this blog at:

http://mal-aware.org

It's the third one on the list:

"Emerging Threat: Please forward your phone number to our Skype number!"

This was last Spring .. and a Skype number. You can get those as easily as you can register a fraudulent domain for phishing. These often use the identity/credit card information of a previous victim.

Whatever new technology comes along, IMHO, must be looked at from the standpoint of abuse *before* it hits the public market .. not after when (not 'if') the problems arise.
