 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Medical Forum / Diseases and Disorders / Arthritis / November 2005new e-bay phishing scheme - read if you sell on ebay!
from f-secure A new kind of eBay phishing attempt is going around. It's only going to fool people who have something for sale on eBay, because it's disguised as a question from another eBay member about shipping costs for "your item". It even includes the boilerplate from a genuine eBay message which says "Your registered name is included to show this message originated from eBay", although it does not in fact contain your registered eBay screen name, for obvious reasons. The phishers only have your email address, not your eBay screen name. (Of course, they might be the same, or at least similar. One more reason to invent a truly unique screen name for all the on-line services you subscribe to.) The message contains a button to reply to the buyer and, of course, you must sign in with your name and password to respond. Because the message contains a number of fingerprints which are typical for forged messages, both spam and phish, it's already detected by our existing phishing rules. This brings up another point, though. The majority of these fingerprints are based on header analysis. But when we get a spam or phishing sample, we frequently only get the body of the message (and sometimes only something like a copy-paste of what the user actually sees, or even just a screen shot). In fact, a number of "modern" email clients make it very very hard indeed to forward a message with the full original headers intact. If you are connected to an Exchange server, it's not even possible. (Fortunately, we hear Microsoft is finally working on this.) An example of what takes in Outlook to send a proper sample is at http://www.umkc.edu/is/cs/abuse/headers_outlook.htm, but see your own ISP's abuse pages, they probably have something quite similar ... and similary complex. If you want to send us a proper spam or phishing sample, it would actually be a fairly good idea to install a third-party plug-in to help extract the full headers. We are aware of such plug-ins for Outlook and Eudora. Ironically, those of us who still live in the "stone age" don't have such problems. In classical email clients such as Mutt and Gnus (and, ${dmr} bless you, Pine, if you configure it correctly) this is not a problem at all. Visit my website: http://www.mzuschlag.com Mary, I'm not a seller and I've been getting these and similar emails almost daily for the past couple of weeks. It seems to have started after I made a purchase on ebay. They certainly look authentic and I urge people to check their messages directly on "My EBAY" to make sure they are not phish. Ann > Mary, I'm not a seller and I've been getting these and similar emails > almost daily for the past couple of weeks. It seems to have started [quoted text clipped - 3 lines] > > Ann It's happening to everyone. My husband's been getting them a lot lately along with the infamous PayPal phishes. He's had no contact with either group at any time, all the ebay and PayPal stuff's been through me. He's learned to delete everything that doesn't come from a person he knows. (of course, it's not too bad anyway as we have a Mac, but it's good to train him.) We also get endless fake earthlink messages, but we don't use our "dominant" address for anything but earthlink contact, so stuff that comes to us is known to be fake.  SignatureNann remove the Gator cheer to email me Simply the thing I am shall make me live --- William Shakespeare ...and then send those messages to spoof@ebay.com or spoof @paypal.com for the paypal ones. Ebay does investigate. It isn't just ebay-never, ever use a hyper link sent to you by email. I got a great one the other day that sounded so official but alas...they misspelled SafeHabor. Finding typos and huge grammatical errors is quite a fun game. Got to tell you that if I were investing that kind of time in crime, I'd at least hire an editor. > ...and then send those messages to spoof@ebay.com or spoof @paypal.com > for the paypal ones. Ebay does investigate. It isn't just ebay-never, [quoted text clipped - 3 lines] > game. Got to tell you that if I were investing that kind of time in > crime, I'd at least hire an editor. Must be kind to the "disadvantaged". Those poor internet hackers in southeast Asia mangle the English language just fine, but then so do Americans. From a paid obituary in yesterday's paper. Trying to sum up a man's life in a few lines. "Born in Sacramento, CA he was a life long native Californian" Jo > Finding typos and huge grammatical errors is quite a fun > game. Got to tell you that if I were investing that kind of time in > crime, I'd at least hire an editor. I know what you mean! We periodically get ones purporting to be from Earth Link - not EarthLink. It's only a little space, but it's enough to let me know immediately that it's trash. Heh, but assuming we do switch to the local wireless broadband ISP in '06, we'll be playing with email addresses more to avoid spam. It's amazing how much Mike gets when all he does is email to certain people, but then we are on a major ISP right now. BTW, how are you doing Melinda? SignatureNann remove the Gator cheer to email me Simply the thing I am shall make me live --- William Shakespeare I just got one of these! I'm sure glad you had posted this. It was odd because I don't sell on ebay -- ony buy. DianeW |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.