Loading ...
Sorry, an error occurred while loading the content.

beware eBay "phishing" scam to Yahoo.com addresses

Expand Messages
  • Dave
    This is not on topic, but since many of you probably have @yahoo.com email addresses, then en garde ! I received a email from eBay earlier today in my yahoo
    Message 1 of 4 , Sep 1 8:33 PM
    • 0 Attachment
      This is not on topic, but since many of you probably have @...
      email addresses, then 'en garde'!

      I received a email from "eBay" earlier today in my yahoo mailbox. I
      did some checking on the routing information. It originated from an
      email server administered in Paris. (Not exactly eBays home town.)
      But can originate from a hacked or possibly virus-infected computer
      anywhere.

      The message has all the hallmarks of being a "phishing" scam,
      intended to steal account information from anyone it lulls into goint
      to the embedded link. BTW, the message is very authentic looking --
      almost flawless -- compared to those of a few years ago.

      - Don't go to the embedded link, just delete the message.

      The Subject line says "EBAY INC: IMPORTANT ACCOUNT NOTIFICATION..."

      The message body has a eBay logo and advises "We regret to inform
      you that your eBay account could be suspended if you don't re-update
      your account information ..."

      <"re-update" ? interesting word structure. hmmm...
      The signatory on this one is "Safeharbor Department eBay, Inc"

      ' nuff said.
      Dave Welch
    • Kevin Windsor
      Actually Dave this has been going on for a long time. Don t delete the email, but forward it to spoof@ebay.com and they will shut the site down. Kevin 89th
      Message 2 of 4 , Sep 2 6:10 AM
      • 0 Attachment
        Actually Dave this has been going on for a long time. Don't delete the
        email, but forward it to spoof@... and they will shut the site down.

        Kevin
        89th

        ----- Original Message -----
        >
        > - Don't go to the embedded link, just delete the message.
        >
        > The Subject line says "EBAY INC: IMPORTANT ACCOUNT NOTIFICATION..."
        >
      • Matthew James Didier
        -- DO NOT READ if you hate being too off topic -- VERY off topic... but bear with me. If you receive an e-mail from a bank (yes, even Canadian and U.K.
        Message 3 of 4 , Sep 2 6:33 AM
        • 0 Attachment
          -- DO NOT READ if you hate being too off topic --

          VERY off topic... but bear with me.

          If you receive an e-mail from a bank (yes, even Canadian and U.K. banks...
          not just American) as well as eBay or PayPal that says that you're account
          needs updating or suspending, DON'T EVER assume it's on the level.

          DON'T click on the link in the e-mail... go to the site as you normally do
          or type the address into the URL address bar in your browser. Log into your
          account from there and if there's a problem, they will tell you there.

          As a former bank employee, I can also tell you this PERFECT tip... NO ONE
          (not even a bank teller) should EVER ask for your PIN number. This should
          ONLY ever be typed in by yourself to an ABM (bank machine) or to an
          Interac/Cirrus type machine... or at your (physical branch) bank on a
          machine in the branch... NEVER GIVE YOUR PIN NUMBER TO ANYONE ONLINE.... ever!

          If you do or have, go to your bank (actual branch) or call their "hotline"
          (via phone) right away and change the PIN.

          So, one of the easy ways to spot a "phishing trip" is to look for the
          link/page/e-mail ASKING you for a PIN number...

          http://www.webopedia.com/TERM/p/phishing.html

          When it comes to your finances, like many things in medicine, piloting and
          when dealing with black powder, "When in doubt, DON'T!"

          If you're still "worried" that e-mail is truly about your account being
          suspended or the like, CONTACT THE SITE/INSTITUTION VIA E-MAIL and ask...
          DON'T hit reply and DON'T use the link in the e-mail... go to the site and
          send a mail to their general contact e-mail and ask about the mail you
          received BEFORE giving out your information to anyone... Wait for their
          response.

          Sorry to chime in, but I get dozens of e-mails per day from people worried
          that their eBay, Canada Trust, CIBC, Royal Bank, Paypal, etc. account is in
          jeopardy... when it's only a "phishing trip" from some scam artist.

          Sorry again...

          Y'rs...

          Matthew


          - = - = - = - = - = - = - = - = - = - = - = -
          Matthew James Didier - Generic Ne'er do well...

          Webmaster/Honourary Member of The Incorporated Militia
          of Upper Canada - http://www.imuc.org/

          Webmaster/Honourary Member of The Norfolk Militia
          (Heritage Regiment) - http://www.uppercanadianheritage.com/norfolk/

          Also webmaster and whipping boy for...
          http://www.uppercanadianheritage.com/

          ======================================

          PERSONAL QUEST/HELP WEBSITE:
          http://www.helpmakemydreamcometrue.com/
          Help me realise a dream and save a piece of history.

          ======================================

          "I do not want my house to be walled in on all sides and my windows
          to be blocked. I want the culture of all the lands to be blown about my
          house as freely as possible. But I refuse to be blown off my feet by any."

          - Mahatma Gandhi

          _________________________________________________________
        • Dave
          Kevin, You must have missed my original note s comment comparing the polished level of the one I saw to the cruder phishing emails I had seen in the past.
          Message 4 of 4 , Sep 2 10:23 AM
          • 0 Attachment
            Kevin,
            You must have missed my original note's comment comparing the polished
            level of the one I saw to the cruder phishing emails I had seen in the
            past. Having been in network security well before the Melissa outbreaks
            of 1999, I don't disagree when you say that "phishing" scams have been
            around several years.

            But experience in monitoring virus, spam, email scams, etc. and all
            manner of nasties that even the best-patched Windows users ran into --
            showed that 99.5 % of the time, users are receiving something that
            Internet security firms already know about. <It's because they can
            legitimately run 'honeypot' operations to attract 'flies'>

            In dealing with 1000s of networked PCs over many years, I only once
            stumbled across a undetectable piece of particularly nasty malicious
            code that was not already known to major anti-virus companies. Only one
            had seen it, and then only 2 days earlier. They said it was not
            then "in the wild", and wondered how I discovered it and what the
            delivery vector was. Naturally, I half-hoped that one of the number of
            companies I sent pre-authorized and carefully packaged samples to would
            name it after me.

            Not being smug old chap, just pointing up why I recommended that users
            delete strange messages. (Ok, Ok -- if you want to be really technical,
            also add don't open attachments and use shift-delete to really
            nuke 'em).

            Enough tech claptrap from my end. Think I'll close up shop and go do
            some reel <g> fishing.

            Dave W

            --- In WarOf1812@yahoogroups.com, "Kevin Windsor" <kevin.windsor@s...>
            wrote:
            > Actually Dave this has been going on for a long time. Don't delete
            the
            > email, but forward it to spoof@e... and they will shut the site down.
            >
            > Kevin
            > 89th
            >
            > ----- Original Message -----
            > >
            > > - Don't go to the embedded link, just delete the message.
            > >
            > > The Subject line says "EBAY INC: IMPORTANT ACCOUNT NOTIFICATION..."
            > >
          Your message has been successfully submitted and would be delivered to recipients shortly.