PDA

View Full Version : e-bay phishing gets more sophisticated



Todd_Chamberlain
06-22-2006, 09:19 PM
I nearly fell for one of these today. In the past, all the "messages from ebay users" that I've received have been generic--not related to a specific item--and really easy to spot. Today, though, I got one that actually had the item number of something I was selling. I might have actually missed it if the question hadn't seemed odd (would I ship to New Jersey? My auction makes that pretty clear). There were some formatting problems as well, but the clincher is that my email client allows me to brush over links and it will ID when the supposed link differs from actual url.

Anyway, just be even more careful what you click on. Ironically, by trying to create a communication system self-contained on ebay, I think they've actually made people more susceptible to falling for these tricks.

Todd

gratefulhan
06-22-2006, 10:14 PM
Tood,
Thanks for the for the warning.
I have to agree with you that these Ebay/Paypal phishing scams have gotten more sophisticated. I usually average about 4 a week. I usually get the "unauthorized access" and the "attempts to log in" nonsense but I got two really peculiar lin the past two weeks:

The first one was similar to the type you described where I was being notified about a payment from a buyer from another seller's auction. Of course there was a link in the email to verify the transaction. I checked my PayPal account just to be safe and I did not have anything in there.

The second one was a Trust and Secruity type form PayPal which looked legit except for the link to verify my account in the email. It also had one those warnings about paypal shutting down any account that is not verified within 72 hours. This one looked real good because it had pictures & graphics and did not come with the usual syntax and spelling errors like most of the ohters.

The one good thing about all of these phishing scams is that they end up in my junk mail folder so that always sends up the red flag.
Rick

Dave_T
06-23-2006, 12:13 AM
Ironically, by trying to create a communication system self-contained on ebay, I think they've actually made people more susceptible to falling for these tricks.



Definately. Intra-ebay (unfortunately, the only way to go nowadays) communication is such a cumbersome system now, compared to how it was several years ago. Since there are now so many different sign-ins required (to send a message, to look at past auctions, etc), many people don't think twice about signing-in to something that looks like an official-looking email or log-in page, which have a more familiar feel now (thanks to ebay acting as the email gatekeeper).

j74
06-24-2006, 10:09 AM
Has anybody gotten the Paypal one that has your name in it, and is a confirmation email about a payment you sent being completed? I have gotten two, the most recent said the $379 I sent for a set of tires has been completed...the text looks different than a normal paypal email...

gratefulhan
06-24-2006, 04:49 PM
Has anybody gotten the Paypal one that has your name in it, and is a confirmation email about a payment you sent being completed? I have gotten two, the most recent said the $379 I sent for a set of tires has been completed...the text looks different than a normal paypal email...



I mentioned this before in my earlier post that I get about 4 spoofs a week. I have got several just like the one you described. In every one of those emails, there is always a link that reads something like "if you did not authorize this transaction click here". That is the dead give-away because PayPal & Ebay never ask for you to log in from those emails. Man I'll tell you, I think that I got just about every kind they can come up with. http://threads.rebelscum.com/images/graemlins/mad.gif

You know, it is too bad that they are not collectables themselves. I would have the complete set with every variation. http://threads.rebelscum.com/images/graemlins/laugh.gif
Rick

Darth_Spongebob
06-24-2006, 05:53 PM
Yep. I got one of those emails. I was pretty disturbed since it actually had my name in the email.

macross7
06-24-2006, 07:07 PM
I got one today saying my credit card was expiring and needed to have the date updated.

Mike_Machika
06-27-2006, 05:54 AM
My wife fell for one of these and I about went through the roof! I couldn't tell you how many times I warned her OVER AND OVER again about these. Anyways, the culprits took over her yahoo account (because it had the same username and password) and took over her ebay account. I guess once they get your password they immediately start trying every website imaginable that would require a similar login/password combo (banks, utilities, etc.) all in attempts to grab a hold of her credit card info i guess. lucky for her her login/password combo stopped at just yahoo and ebay. Ebay was semi helpful in closing everything out and starting anew, but yahoo was a nightmare. Since that mishap my wife has been such a good internet surfer. I don't go to bed worrying at night that my computing world as I once knew it will be over when I awake.

jdw1991
07-14-2006, 09:08 PM
Is this the same as getting a "safe harbor" notice from e-bay? Should the email just be deleted

ChrisGeorgoulias
07-15-2006, 08:46 AM
Many browsers will show you the URL if you run your pointer over the link. Usually it's obvious that it's not a real ebay URL. But to be safe, you should just log into ebay and check My Messages. If it's a legit email it will be there.

Alternatively, if you forward the email to spoof@ebay.com they will send you back a reply letting you know if it was spam. I sent that "Letter from Meg Whitman" one there and it came back saying that it was actually an OK email. http://threads.rebelscum.com/images/graemlins/smile.gif

-chris

OleeStarstone
07-20-2006, 06:49 AM
Has anybody gotten the Paypal one that has your name in it, and is a confirmation email about a payment you sent being completed? I have gotten two, the most recent said the $379 I sent for a set of tires has been completed...the text looks different than a normal paypal email...



I've gotten a similar one. I checked my account balances, etc, first, determined everything was okay and sent it to Paypal's spoof email.

Jedi_Bri
07-21-2006, 01:59 AM
New scam email today. One that said my paypal account is owed 150 dollars due to a tax filing error made by paypal. "Please confirm your account so we can refund you this money" LOL right!