| Author |
Topic: EBAYERS !! maybe the vilest Phising Scam yet... |
Mark van Allen
From:
Watkinsville, Ga. USA
|
Posted 17 Dec 2005 3:39 pm |
|
Usually they're pretty easy to spot- but yesterday I got a real doozie via email.
This one looks EXACTLY like an official "question from an ebay member" about an ongoing auction, with all the typical headers, logos, etc. The subject line is: ebay member RE: question for item #5801824341
The body of the question was
| Quote: |
| There are now 2 months since I paied for the item and I still didn`t receive it.This is my last warning : unless you solve the problem the first thing I shall report you to ebay and second I shall go to the police . |
Then there are the typical buttons to click to "answer this on auction" which when clicked go to a very official looking ebay login screen.
The normal reaction for a harried seller would be to assume this was an unhappy cutomer from some time back, or someone mistaking your auction for another, and click on the button to answer... logging into the (fake) screen would of course hand over your password to the scammer who will immediatley change it, hijacking your account to whatever ends.
I've never seen one this sophisticated, and if I hadn't checked the auction number FIRST I might have just clicked on through, as I get quite a few legitimate ebay questions that look EXACTLY LIKE THIS. On second glance, I saw the link to the "ebay sign in page" began with "htps" instead of "https".
These creeps are getting more and more devious- I'm hoping no one here will get taken in by this. Reported to spoof@ebay.com who verify it as a new type of Phish scam.
Happy holidays and safe surfing...
------------------
Stop by the Steel Store at: www.markvanallen.com
[This message was edited by Mark van Allen on 17 December 2005 at 03:40 PM.] |
|
|
 |
Bob Martin
From:
Madison Tn
|
Posted 17 Dec 2005 10:10 pm
|
|
Just remember the one and only ebay rule!!!!!! EBAY WILL NEVER SEND YOU AN EMAIL ASKING YOU TO CLICK ON A LINK AND THEN LOGIN IN ON THAT CORRESPONDING PAGE! Now they might send you emails but it will not include a clickable link to their site it will just say go to http:/wxw.ebay.com but of course the link will not be clickable.
As long as we all remember this rule it will help eliminate most of the phishing scams. Thanks Mark for the headsup these scams make me see red. I've been caught is a scam years ago on AOL although it wasn't a phishing scam I learned my lesson very well. I lost my AOL account (no big loss hee hee) and AOL got me another one but ever since then I've been very wary of funny looking things. Now keep in mind this was in 1996 so it was before anyone had ever heard of scams on a large scale.
Well heck I'll just tell you what happened. I met a nice young lady on aol and we were chatting very innocently and she said it was a shame we couldn't see what each other looked like and offered to send me a pic of herself and asked me to send her mine. So we sent each other pics thru aol's email service and "viola" about 1 day later my account was hijacked. Of course when I finally realized that she has slipped a password gleaner on to my hard drive all of my passwords were compromised.
The only damage was to my aol acount thankfully. Well everybody be careful and have a Merry Christmas![This message was edited by Big Bob Martin on 17 December 2005 at 10:11 PM.] |
|
|
|
Mark van Allen
From:
Watkinsville, Ga. USA
|
Posted 18 Dec 2005 1:19 am
|
|
Bob, that's what I'm talking about that is so insidious about this one-
EBAY DOES SEND YOU A PAGE WITH CLICKABLE LINKS when someone asks a question during an auction. This page looks EXACTLY like the normal ebay auction question page, with the clickable link to "answer this question on your auction now". The only difference is the auction number itself was a fake- luckily I checked that out of suspicion.
Perhaps you've have never had ebay forward you a question during one of your auctions, but that's exactly how their page looks and works. That's why I've posted the warning...
Ebay DOES send messages with clickable links, for instance notifications of sold items with "click here to go to this item". PayPal does as well with clickable links to "view this transaction online".
With the level of sophistication in some of these counterfeit pages, it obviously pays to be very careful.[This message was edited by Mark van Allen on 18 December 2005 at 01:24 AM.] |
|
|
|
Don Poland
From:
Hanover, PA.
|
Posted 18 Dec 2005 2:18 am
|
|
Just make sure you check your messages in the ebay page, "my Ebay". This will always be a valid ebay link and will not be some moron trying to phish!! Simple as that 
------------------
1974 MSA D10 Classic 8+5, Goodrich Matchbox 7A, Digitech Genesis 3, Peavey Nashville 112
If you ain't steelin' it, you ain't feelin' it !!
www.steelin4fun.com
donpoland@steelin4fundotcom
|
|
|
|
Mark Vinbury
From:
N. Kingstown, Rhode Island, USA
|
Posted 19 Dec 2005 7:45 pm
|
|
I had a similar experience--
Same deal- eBay "ask seller a question" format.Looked exactly and I mean identical to the real thing.
Soon as I opened it the adware trash truck dumped all over my computer.Took many hours to clean up.Never got it all. |
|
|
|
Ernie Renn
From:
Brainerd, Minnesota USA
|
Posted 20 Dec 2005 12:10 am
|
|
Scammers are getting better and better at faking out the general public.
When you get a mail like this and you know that you don't have an auction up, you can just delete it.
You can right click and select: properties and them click: view source. There you can find out where clicking on a certain item will take you. They're usually numeric pages and not name servers.
Happy holidays to all!
------------------
My best,
Ernie
www.buddyemmons.com |
|
|
|
J W Alexander
From:
Reynoldsburg, Ohio, USA
|
Posted 23 Dec 2005 3:37 pm
|
|
Another great way to NOT get caught up in these phishing schemes is download and use the "spoofstick" utility that was suggested here a while back. I have it and feel a lot better IF I use a clickable link in an email. I almost NEVER do click on a link especially if there is a money amount or any other item that is suspicious!
J W |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 23 Dec 2005 3:56 pm
|
|
I also use and have recommended SpoofStick, which is available for MSIE and Firefox.
------------------
Bob "Wiz" Feinberg
Moderator of the SGF Computers Forum
Visit my Wiztunes Steel Guitar website at: http://www.wiztunes.com/
or my computer troubleshooting website: Wizcrafts Computer Services
|
|
|
|
Joseph Barcus
From:
Volga West Virginia
|
Posted 24 Dec 2005 7:44 pm
|
|
Just a note to all you ebayers I live off of ebay and do live very well.
the email you got was not a scam but a virus if you would had clicked on that link it would had gave you this virus
now heres the key around that, if you go to "my ebay" it has ebay messages just for your account, anytime ebay sends a message thats from someone about a item it will show up here.
if you get a email about a question from someone and you are not sure about it. go to your "my ebay" and check to see if in your received notes there. if not then its not ebay.
I have been a seller on ebay for almost three years with over 30,000 in profits and I have never got not one bad check, or any bad people at all from ebay. take care Joe |
|
|
|
Tony Prior
From:
Charlotte NC
|
Posted 26 Dec 2005 2:40 pm
|
|
EBAY asks you to log into your account..
links or not...
What I find fascinating is I get these messages to an EMAIL account that is not even registered with EBAY !
I even get them to my EBAY selling account..which is used 100% for selling..and then I do also get them to my EBAY buying account which is for purchases only..
ya just gotta be careful..
log in from the home page....don't go thru any links contained in EMAILS and you will be fine...
the scammers are hard at work, and pretty good..imagine if they did something of value... |
|
|
|
Mark van Allen
From:
Watkinsville, Ga. USA
|
Posted 26 Dec 2005 10:38 pm
|
|
Thanks guys, for the contibutions to this thread. My intent was to give a heads up to the folks who don't use ebay every day. I've seen a lot of Phishing scams, but this one is very slick.
I just don't understand the mentality of screwing people you've never met- but I guess modern life presents a different minefield.
My very best wishes to the honest folk! |
|
|
|
