posted on July 28, 2003 01:49:01 PM new
Just received a new spoof e-mail and wanted to alert everyone to it.
It appears to come from: [email protected] with the subject: Security Update.
It's done in HTML and it uses many graphics directly from the eBay site so a cursory look at the source of the document will make it appear authentic.
However, a deeper look at the header shows it's from: httpd@localhost - lin2.infinology.com
Just beware of this one. I haven't heard back from eBay yet to confirm it's a fraud, but I did enter "MegWhitman" as a UserID and "FBIAlert" as my password to see what happened... It briefly went to the scammer's site (watched the URLs change) and then displayed the main eBay.com page - so it might appear authentic.
I don't think so.
Hope this alerts anyone to this very authentic looking e-mail.
posted on July 28, 2003 06:04:43 PM new
Regardless of the fake info you entered, might they not have some kind of software that records where the info was sent from, I mean I'm far from an expert but I kind of think you should not take any chances at all of someone finding a way to enter your computer, you just simply do not know what is out there at the other end. There are new ways being developed daily by the scammers to try to dupe people -- and my advise for any scam e-mail is to delete it, and NEVER respond in any way, particularly from the computer that might contain vital personal and business information -- if you somehow manage unwittingly to open a door, you might end up regretting it VERY much, so why EVER take the chance, curiosity just ain't worth the risk!
posted on July 28, 2003 06:37:36 PM new
Hi people,
I'm with Upriver. I'd never enter any info at all into an email link. At the very least, the scammers then know they've got a "live" address and will continue to bombard you with messages.
Best thing to do is send it to [email protected] or spoof @paypal.com, then post here so we're aware of it.
posted on July 28, 2003 06:46:21 PM new
The problem is, you never know if an email from [email protected] is legitimate or fake until you open it and look at it. There are a couple of worms that could find their way into your system just by reading the email. A "question for seller" email could hide one of these also. Virtually everything else, including trojans require the recipient to open an attachment. The people sending these scam emails aren't likely to be trying to install trojans. They are counting on a certain percentage of suckers to voluntarily send them the information they want. It only takes one or two Visa numbers with $25K limits to have one hell of a party. Besides, it's fun to imagine the look on their faces when they harvest a username of "megwhitman" and a password that reads "fbialert".
The light at the end of the tunnel will turn out to be an oncoming train.
posted on July 28, 2003 06:51:14 PM new
I just got a similar one also. It even had the eBay logo! I went & changed my password again! I forwarded the email to [email protected]! Beware!
From: eBay Safe Harbor [[email protected]]
Subject: your access to bid, buy or sell on eBay has been restricted
Contents:
Dear eBay User,
During our regular update and verification of the accounts, we could not verify your current information. Either your information has changed or it is incomplete.
As a result, your access to bid, buy or sell on eBay has been restricted. To start using your eBay account fully, please update and verify your information by click
posted on July 29, 2003 10:46:42 AM new
I list a few things on Bidville, and recently had a couple of emails asking me to update my credit card info. etc. I am pretty sure they were from Bidville, but I chose to go to Bidville itself, rather than use the email message. Better safe than sorry!
posted on July 30, 2003 08:44:08 AM new
once again, there's always some little thing that gives it away- one is theURL does NOT begin with 'https" but only "http" and there is that last sentence;
"As a result, your access to bid, buy or sell on eBay has been restricted. To start using your eBay account fully, please update and verify your information by click"
Ebay would have said "To resume using your ebay account" and of course "click" should be "clicking"
I knew my A+ grades in English would come in handy some day!
"And All Shall be Well, and All Shall be Well, and All Manner of Things Shall be Well"
