Lik-Sang Phishing Scam E-Mail PLEASE READ & BEWARE!!!

Kerig

Kerig

Target won BF'23 w/$350 consoles
Feedback
85 (100%)
I REALLY hope no one has fallen for this yet, I would have posted sooner, but haven't been able to check my mail until now.

I received an E-mail from "Lik-Sang" (E-mail sender was [email protected])

Here's the rundown:

Lik-sang is gone, we're refunding any credits that you may have, you're entitled to $9.99. Please let us know if your Paypal account is still valid by clicking "here" and providing info for us to process your refund...

The link it clicks to is ljk-sang.com...again, that's LJK-SANG.COM...and it brings up a fake Paypal page for you to ENTER YOUR PAYPAL PASSWORD!!

This is a major scam targeted towards us gamers, I almost thought it was legit except for the simple fact that....wait for it...I've NEVER ordered from Lik-Sang before...ever! :) I'm on their mailing list though for updates on a few things...that's how I was connected to it.

Here's the entire text of the E-mail if you'd like to read it:

Dear valued customer,

Your Login/Email is:
Your password is: ********

As of today, Lik-Sang.com will not be in the position to accept any new orders and will cancel and refund all existing orders that have already been placed. Furthermore, Lik-Sang is working closely with banks and PayPal to refund any store credits held by the company, and the customer support department is taking care of any open transactions such as pending RMAs or repairs and shipping related matters. The staff of Lik-Sang will make sure that nobody will get hurt in the crossfire of this ordeal. To read the full article please visit: http://www.lik-sang.com/news.php?artc=3901

Our records indicates you can retrieve an additional $ 9,99 USD refund in your PayPal account. In order to successfully retrieve the refund please confirm your existing PayPal account on this page [link removed]. Please notice that the confirmation of your PayPal account is needed to have this refund send into your PayPal account.

If your PayPal account is no longer active on this [my address] address you will have to create a free PayPal account at: https://www.paypal.com/cgi-bin/webscr?cmd=_registration-run to retrieve this refund. Once your account is created and activated please confirm your account information at the above page.

We feel very sorry for any inconvenience and trying to make all refunds to take place as soon as possible.

Team Lik-Sang
Click to expand...

This is VERY SERIOUS, and if *I* almost thought it was legit, imagine a gullible money-starved young one who HAS ordered from Lik-Sang in the past getting this! I'm just afraid I might be too late for some, but it needs to be called out quickly, and CAG is the major target market for something like this...
 
Damn, there are some very clever assholes out there. It is identifiable as a scam, but as you say it can be easy to fall for something like this if you aren't quite thinking clearly.
 
I like how he even says that you can sign up for a paypal account if you don't have one so that you can get your refund.

Thanks for the heads up.
 
Hmm...

I posted about this on Monday morning, nowhere to be found now.

I forwarded the email to paypal and notified lik-sang about the scam.

Wouldn't make a fuss if my post wasn't totally gone. Guess I should go straight to CheapyD next time so I can make the front page:)
 
[quote name='Grave_Addiction']The Nigerians strike again![/quote]

Nah, they're probably Eastern European phishers. They are a bit more sophistacted in their scams, some are really good, like this one. The grammar and syntax of this one looks American, but I doubt it's from the US.

Domain Name: LJK-SANG.COM
Registrar: GO DADDY SOFTWARE, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Name Server: NS1.EDITDNS.NET
Name Server: NS2.EDITDNS.NET
Name Server: NS3.EDITDNS.NET
Status: REGISTRAR-LOCK
Updated Date: 30-oct-2006
Creation Date: 30-oct-2006
Expiration Date: 30-oct-2008
 
Thanks for the heads-up I haven't seen the email but it's good to know. You know ......like i was told on GI Joe. Knowing is half the battle.
 
I consider myself very savvy about phishing scams and spoof, and yet I almost walked right into this one. I bought something from them earlier this year, so I thought maybe I got a little return for being a customer.

After looking at the e-mail a second time, I noticed it's ljk instead of lik. But when I tried to go to ljk-sang.com, it redirected me to the real site, so I almost thought it's the real deal.

Anyway, I used my real e-mail address for user name, and typed in a garbage password, then hit continue. The next page gave me the standard wrong password error, so I tried the same garbage password that I used the first time, and it went through the second time around. (also of note is that the spoof site is not a secure connection, which kinda gives it away that it's not the real Paypal site)

So at the third page, there's a message saying you only have one chance of getting the $9.99 back, and there are 2 buttons: cancel and continue. I clicked on continue, which then actually takes you to the real Paypal site. The script on the spoof site probably entered the user name and password it recorded from the previous page, and tried to log into Paypal for you. Of course at that point I closed my broswer.
 
You must log in or register to reply here.
bread's done
Back
Top