posted on July 21, 2003 01:42:07 PM new
There is always a post on this board regarding fake emails, so I thought I'd take a minute and explain a couple of things that will help you know if it is real or not.
The first, and most obvious thing, is if there is a link to eBay (or PayPal) that in any way is asking you for private information, it is a scam.
In every real eBay email, there is a paragraph stating: "eBay will not request personal data (password, credit card/bank numbers, and so on) in an email. Learn how to protect your account."
Secondly, look at the email header. In Outlook Express, right click on the message in your In Box and select properties. Select the "Details" tab. Scroll down to the first "Received From" line. (That will be just above the "To" line).
There will be an IP address in that line that looks like this: 210.23.217.57
Copy that IP address, then go here: http://www.arin.net/ and paste the number into the "Whois" search field. The results will tell you if it is fraudulent. In this case, the sender is in the Phillipines.
If your results contain domestic locations, you can contact the ISP listed.
Messages from eBay and PayPal may source direclty from them, most will source from IANA (Internet Assigned Numbers Authority).
You should try this out with a couple of emails, it is interesting to see how they have been forwarded from location to location.
posted on July 21, 2003 01:51:13 PM new
Another thing I have noticed in the last 3 spoofs I got is........ there is usually at least one word misspelled.
Below is the one I received today (I copied and pasted it here) and look how they spelled safety and access wrong!
Dear eBay user,
As stated in the User Agreement, Section 5.1, we may request you to change you password. Because of security reasons and for your saftey, please understand the situation and be so kind to change your password. Please acces the following link to change your password : http://cgi5.ebay.com/aw-cgi/eBayISAPI.dll?RegisterShow
We thank you for your cooperation.
Respectfully,
Customer Support (Trust and Safety Department)
posted on July 21, 2003 02:24:01 PM newThe first, and most obvious thing, is if there is a link to eBay (or PayPal) that in any way is asking you for private information, it is a scam.
That's just not true.
I posted about it at the time...but back in April, I got a "Credit Card Expiration Approaching" email from PayPal. And yes, it was really from PayPal. And yes, it had a handy link in it for me to click on so I could enter my credit card information.
This is sheer stupidity on a mind-boggling scale. How much more simple it would be to send out that email advising people to log in to PayPal (no link) and update their accounts.
Never underestimate the corporate capacity for idiocy.
I am not a bathtub full of brightly-colored machine tools on Vendio.
posted on July 21, 2003 04:54:32 PM new
Ebay does send some legit emails with links. Users on the other boards have frequently posted that info as well as Fluffy here. I have rec'd a legit email from ebay with a link as well.
----------------------------------
-------------- sig file ----------------------------
"Any man worth his salt will stick up for what he believes right, but it takes a slightly better man to acknowledge instantly and without reservation that he is in error."
- Andrew Jackson
posted on July 26, 2003 05:42:59 AM new
Fluffy's correct. eBay does still send out links to the log-in page within some of their emails. I received a cc expiration notice the other day from eBay with a link to their Site.
Evidently, eBay has a few other things that people should look for within the body of an email to discern its authenticity.
posted on July 26, 2003 05:52:11 AM new
I would send even valid eBay communications with links to [email protected] and NEVER connect to the provided link to resolve the issue. Some of these spoof emails look so smooth that you may THINK they are valid...no misspelled words etc. Forward the email on to spoof and then log in to eBay yourself and go to your account to provide the requested information.
If eBay isSTUPID enough to send emails like that, then the Spoof people should me made aware of it. Hopefully they can deal with the idiot that sent an email like that!!
[ edited by neglus on Jul 26, 2003 05:55 AM ]
