PDA

View Full Version : OT Ebay help?



632 Regal
03-01-2005, 04:22 PM
I just got an email saying that me or someone used my account for fraudulent bidding, I went to the page that was linked and it wants my CC info and banking info, looks legit but I dont want to give that info. What is going on here, says they will suspend my account if I dont fill this out.

billb
03-01-2005, 04:38 PM
It's called a spoof. I would forward that email to eBay. Take a look at the attached link.

eBay spoof reporting (http://pages.ebay.com/help/confidence/isgw-account-theft-spoof.html)

Patrick
03-01-2005, 05:03 PM
Yep -Bill's right, total scam. You can also log into your account (NOT through an email like that) and check your account activity. Beware of all supposed emails from eBay or PayPal, mostly they're fraudulent.

632 Regal
03-01-2005, 05:04 PM
yep your right, just got me freaking out for a minute.

Garlic Breath
03-01-2005, 05:46 PM
I usually click on the link and try to fit as many vulgar words as possible in the fields.

Brian C.
03-01-2005, 07:25 PM
.....is to print out any suspect e-mails that have warnings like that. They always look like the real deal, and if you see links on them THEY look like legit "E-Bays" or "Yahoos" or whatever. They can make the spoofs look very good. But I think if you print them out, then at the bottom of the sheet, it will print the actual URL that the e-mail originated from. Then you can see if it's actually from E-Bay or wherever or not. Anybody back me up on this?? I think this will work, right?

Never reply to an e-mail request for CC or PIN or SSN info.

Brian C.

632 Regal
03-01-2005, 07:46 PM
right Brian, once i looked at the headers and stuff it was from other than an ebay site. i forwarded the email to ebay and they will probably nail the site that sent it.

Dave M
03-01-2005, 07:48 PM
I received a very similar e-mail, supposedly from EBay. I e-mailed EBay to inform them that when prompted to "confirm my identity" by clicking the link, the URL for the site I was directed to address was:

"http://eclass.newman.edu.hk/aw-cgi/signin.html"

no chance I was providing password etc. to "eclass.newman.edu.hk" wherever
that is.

EBay wrote back:

"Thank you for writing to eBay regarding the email you received.

Emails such as this, commonly referred to as "spoof" or "phished"
messages, are sent in an attempt to collect sensitive personal or
financial information from the recipients.

The email you reported was not sent by eBay. We have reported this email
to the appropriate authorities........."

Brian C.
03-01-2005, 08:10 PM
....to chew them a new @ssh@le!
;)


Brian C.

632 Regal
03-01-2005, 08:11 PM
I received a very similar e-mail, supposedly from EBay. I e-mailed EBay to inform them that when prompted to "confirm my identity" by clicking the link, the URL for the site I was directed to address was:

"http://eclass.newman.edu.hk/aw-cgi/signin.html"

no chance I was providing password etc. to "eclass.newman.edu.hk" wherever
that is.
.
EBay wrote back:

"Thank you for writing to eBay regarding the email you received.

Emails such as this, commonly referred to as "spoof" or "phished"
messages, are sent in an attempt to collect sensitive personal or
financial information from the recipients.

The email you reported was not sent by eBay. We have reported this email
to the appropriate authorities.........".

Johntee540
03-01-2005, 08:39 PM
Its called Phishing! and not the good kind! Scam dont ever give that kind of PII to sites that are soliciting you for it. Only give it up if you initiated the transaction. Practice Safe Data everyone! - JT

DanQ
03-01-2005, 11:34 PM
.....is to print out any suspect e-mails that have warnings like that. They always look like the real deal, and if you see links on them THEY look like legit "E-Bays" or "Yahoos" or whatever. They can make the spoofs look very good. But I think if you print them out, then at the bottom of the sheet, it will print the actual URL that the e-mail originated from. Then you can see if it's actually from E-Bay or wherever or not. Anybody back me up on this?? I think this will work, right?

You should also be able to go to File->Properties to see the correct URL and not the spoofed one.
Most of the phishers that use the spoofed URLs are taking an advantage of a bug in IE that was found back in December of 2003. If you still can't see the correct website in the address bar then you most likely aren't up to date on your patches from Micro$oft.

Story on IE vulnerability (http://informationweek.securitypipeline.com/news/showArticle.jhtml?articleId=16700202)