NEW EBAY SCAMMER PHISHING TACTIC * PLEASE READ *
Ladies and Gentlemen, this morning I was the victim of a seemingly new phishing tactic that I would like to fill you in briefly about so that hopefully you won't also become the victim of it as well. As some of you may know, I have an extensive background in computer networks and security before I was forced into medical retirement; however, this morning's incident is living proof that even trained eyes overlook the obvious when hurriedly rushing through emails...and underscores the need to always be vigilant and make sure that you are at your intended internet destination before you type in a user ID and password, because no matter how real or authentic the graphics make a site look, unless that address browser says that you are at the right address, you are not really there. I shoulda' known, but luckily, quick thinking was able to cover my tracks hopefully before any damage was done.
Here is what happened.
Yesterday I posted a "want it now" post on the WANT IT NOW section of ebay's website. For those who don't know what this is, it's a place where you as a buyer can put a blurb that tells sellers, "hey, if you happen to list any 'such and such' please let me know because I'm looking for it." When you put your want it now (WIN) post up, there is a place for sellers to enter their item number listings in reply to your post (and ebay sends you an auto-notification that an item similar to your request has been listed). Additionally, there is a link at the bottom of your post where any other ebay member can "Ask a question" of the person who posted the request, for example, to get more specific information about your request. It all seems like a great community oriented idea...until the thieves show up, and that's what has started happening.
This morning, I got an email from member@... (which, in itself is not so unusual anymore because ebay has been making emails look anonymous for a while now). The subject line read "You've received a question about your eBay item, (and included the title of my WIN post)". So far, it looked legit. Upon opening the email, the body looked very much like most other ebay emails with text and graphics and links and disclaimers, etc. This is the text that the sender sent, though.
" Hello, about your post WANT IT NOW: i have this product in my possession for sell at a very good price. I post the link here, if you want to see the full description.
Waiting for your decision. Thanks."
Now, I'm looking at this thinking "OK, what is wantitnowe.9sm.info?" Is this perhaps some site where people can post things they have but don't want to bother with those ever-escalating ebay fees, or whatever? So I go to take a look. And that's where the gotcha is! Because what comes up in the browser window is what looks to be an ebay login screen. Right there, I should have known, but you see...because I'm a person who is searching for this item, haste got the better of me. Because I was in a hurry, I fell for it! I had just woken up about a half hour earlier, was just beginning my day, didn't have more than a few sips of coffee in me, etc. and sitting down to get the first emails, here comes something that I'm excited to see. Then...Drat! Without being fully cognizant, I typed in my ebay user ID and password and what appeared? Another very professional looking page that emulated ebay's "item not found" page, which said "we're sorry, item such and such has either been removed or is no longer accessible in the database, etc.". My first reaction was to wonder what I had done wrong and I almost went backward to the first page, but then I realized OH CRAP, I've been phished! (Some other tech smart people out there are probably snickering I should have known better. LOL yep...I have egg on my face.)
Panic sets in! Wrong thing to do. OK, calm down here. Now if this does happen to you, right away, the first thing to do is close all your browser windows and make sure that your computer has not been hijacked. Sometimes that can happen if there was malicious code on the page you were sent to. In most cases, usually if you have a good security program and keep it updated, it will tell you if an attempt is being made to send information out of your computer behind your back. Zone Alarm or Norton Security are good programs for this if you don't already have them running all the time.
Now, keeping in mind that time is of the essence, once you are sure that you are still in control of your computer, then you should change all three of your passwords immediately (even if they are not the same (which is a bad idea anyway)). You change ebay account password immediately.
I'll give you an idea: On a timeline, between the time I entered my ebay ID and password into the fake website and realized my error and got logged in to ebay and changed my ebay password, about a total of 90 seconds had gone by. You want to do this as darn fast as you can because at the other end of that phisher's website there are programs running that routinely scoop up all the data that has been entered in and send the information to the criminals, where they go through them and try each one out to see if they will work. They know they have to be really fast.
In my case, by the time I had gotten to changing my email password, the password was locked. Password lock happens when someone is trying to get into the account but they don't have the right password. And that means that someone had already tried to gain unauthorized entry to my email account within only a few minutes. That is why you need to act very fast.
I apologize that this email is a bit lengthy, but I hope it will be of help to some people. I know there are many here who already know the information, but as you can see, even techie people are susceptible to rushing and being tricked. That's what the phishers are hoping for.
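The address-bar check this message describes, as an added example that is not part of the original post: a small JavaScript function that decides whether a link's real host belongs to a site you expect to sign in on. The trusted-domain list, the function name and every sample URL except the host wantitnowe.9sm.info are assumptions constructed for illustration.

```javascript
// Added example (not from the original message). The allowlist is an assumption:
// list only the domains where you actually expect to type your password.
const TRUSTED_DOMAINS = ["ebay.com"];

// Returns { ok, host, reason } for a link found in an email.
function classifyLink(rawUrl, trusted = TRUSTED_DOMAINS) {
  let url;
  try {
    url = new URL(rawUrl); // WHATWG parser, the same rules a browser applies
  } catch {
    return { ok: false, host: null, reason: "not a parseable absolute URL" };
  }
  // The host is what the browser connects to; drop a trailing root dot.
  const host = url.hostname.toLowerCase().replace(/\.$/, "");

  // "https://signin.ebay.com@evil.example/" puts the brand in the userinfo part.
  if (url.username || url.password) {
    return { ok: false, host, reason: "text before '@' is not the host" };
  }
  // Match the whole domain or a true subdomain of it, never a substring:
  // "ebay.com.9sm.info" and "notebay.com" must both fail.
  const trustedHost = trusted.some((d) => host === d || host.endsWith("." + d));
  if (!trustedHost) {
    return { ok: false, host, reason: "host is not a trusted domain" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, host, reason: "trusted host but not HTTPS" };
  }
  return { ok: true, host, reason: "trusted domain over HTTPS" };
}

// Constructed sample links; only the first host appears in the message above.
const SAMPLES = [
  "http://wantitnowe.9sm.info/",
  "https://signin.ebay.com.9sm.info/login",
  "https://signin.ebay.com@wantitnowe.9sm.info/",
  "https://notebay.com/signin",
  "https://signin.ebay.com/",
];

for (const link of SAMPLES) {
  const r = classifyLink(link);
  console.log(`${r.ok ? "OK  " : "STOP"} ${link} -> ${r.host} (${r.reason})`);
}
```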