WARNING--- EBAY SPOOF

[Herb]

This morning I recieved an email allegedly from Ebay essentially telling me that some of my account information cannot be verified and I need to go to the link provided to update it or within 5 days my account will be restricted. I clicked the link and was taken to what appeared to be a legitimate Ebay site where I was supposed to enter my name and password to continue, well no way. I reported it to Ebay and shortly recieved the following, if you recieve the same email do not reply to the request.

Thank you for writing to eBay regarding the email you received.

Emails such as this, commonly referred to as "spoof" or "phished"
messages, are sent in an attempt to collect sensitive personal or
financial information from the recipients.

The email you reported was not sent by eBay. We have reported this email
to the appropriate authorities.

In the future, be very cautious of any email that asks you to submit
information such as your credit card number or your email password. eBay
will never ask you for sensitive personal information such as passwords,
bank account or credit card numbers, Personal Identification Numbers
(PINs), or Social Security Numbers in an email. If you ever need to
provide sensitive information to us, please open a new Web browser, type
www.ebay.com into your browser address field, and click on the "site
map" link located at the top the page to access the eBay page you need.

If you have any doubt about whether an email message is from eBay,
please forward it immediately to spoof@ebay.com. Do not respond to it or
click any of the links. Do not remove the original subject line or
change the email in any way when you forward it to us.

If you have already entered sensitive financial information or your
password into a Web site based on a request from a spoofed email, you
should take immediate action to protect your identity and all of your
online accounts. We have developed an eBay Help page with valuable
information regarding the steps you should take to protect yourself.

http://pages.ebay.com/help/confidenc...reporting.html

To review eBay's new tutorial about Spoof Emails, please see the
following Web page:

http://pages.ebay.com/education/spooftutorial/

Once again, thank you for alerting us to the spoof email you received.
Your efforts help us ensure that eBay remains a safe and vibrant online
marketplace.

Regards,

Ian
eBay SafeHarbor
Investigations Team
______________________________
eBay
Your Personal Trading Community (tm)

*******************************************

[John Sabato]

Let me add my caution to the membership. Being in the computer security industry I can second this warning...

I get about two of these "phishing" emails a week... and I forward every one to either ebay (or paypal) as appropriate...

Both of these organizations have very active anti-fraud organizations who pursue these bandits... give them all the help you can... and NEVER fill out a personal information request, especially a request for userID and password, or credit card numbers because of an email you receive... Even if the return email address looks legitimate, it can be spoofed.

The return email address for the one I got this morning was:

CustomerSupport@eBay.com

but the email specifically asked that no reply be sent to them... this is a red flag... they only want you to click on the link to the bogus screen where they will attempt to capture your personal account information...

Any organization with whom you do business using a userID and password and even a credit card will have that information on file and they don't need you to supply it.

Another method used for Phishing is scam telephone calls with the same message... "please give me your account information so that we can verify or unlock your account..." Ask these scam artists for their phone number so you can call them right back because you are busy and they will generally hang up on you, or give you a bogus number.

If you ever think you have been victimized by one of these scams IMMEDIATELY contact the organization directly through their website... don't use any supplied "links" that are in the email. Change your password, and notify your financial institution...

Better safe than sorry.

be ever vigilant to protect your identity and your finances...

regards,

John

[Dean]

Part of the problem is Internet Explorer/Outlook. It allows the email to show what appears to be a legit url, when in fact, it is not.

I use Linux and I can see the spoofed url (you can do the same by using "view message source" in Outlook.

I then do a whois (www.samspade.org) of the address and contact the admin of the hosting domain. More often then not the site that is hosting the ebay/paypal "validation page" has been hacked into and the admin is unaware.

[tudorbug]

For those of you who may receive a "phishing" edition email asking you to divulge information to correct or update an eBay or PayPal account by clicking on a link provided by email, here are the addresses to forward that email to for investigation:

spoof@ebay.com

spoof@paypal.com

A forward to the spoof at ebay address will prompt an immediate, automated return. It will be followed a bit later by the return that Herb has kindly offered in the start of this thread.

My own experience has been three, perhaps four, "phishing" emails over the past year seeking either my eBay or PayPal account information.

I have to admit that, in the first instance, I very nearly proceeded to provide eBay account information, but hesistated due to some inner bell long enough to check with eBay and take the correct path.

There there is the persistent arrival, even two days ago, of emails from poor folks in Nigeria unable to get to their stranded $230,000,000 ...............

Technology provides the most wonderful opporunities for those who troll long enough and deep enough. If a bated line is in the water sooner or later something will bite.

Be aware, alert and cautious!

Kindly, David

[Herb]

Dean, I don't know about IE/Outlook problems, I wouldn't go near either of them with a mad skunk in my pocket, much too insecure. I use only Netscape as the brouser and mail client. I open my mail with SpamBuster which not only shows the address the mail came from but the real name of the sender, or at least the name the sender uses, in this case it was Everett<support@ebay.com. I have gotten similar ones from PayPal also and I just ignored and deleted them.

[Herb]

Here's what the original message looked like, go ahead and click on the links, sure look legit don't they? The disturbing thing to me was that I use the 'memory' login feature on my computer and the darn thing entered my username and password automatically, it didn't recognize the site as a fake.

spacer
Update Your Credit / Debit Card On Your eBay File spacer
spacer

Dear eBay member ,

During our regular and verification of the accounts we couldn't verify your current information, either your information Has changed or it is incomplete . if the account is not updated to current information within 5 days then , your access to Buy or Sell on eBay will be restricted

Go to the link below to Update your account information :

http://signin.ebay.com/aw-cgi/eBayIS...ame=h:h:sin:US

please dont reply to this email as you will not receive a response

Thank You for using eBay!

http://www.eBay.com

________________________________________________________________________ _________________________________

As outlined in our user agreement , eBay will periodically send you information about site changes and enhancements, vist our Privacy Policy and User Agreement if you have any questions .

Copyright �© 1995-2004 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.

[Sean.E]

It seems like there is always either an ebay or a Paypal scam lurking about! Thanks for the heads up guys!
Regards,
Sean