eBay Scam email
September 26th, 2004
I just got a scam eBay email that looks very real. The email looks something like this (edited to fit my layout):eBay Safeharbor Department Notice Fraud Alert ID : XXXXXXX Dear eBay member, http://scgi.ebay.com/verify_id=ebay&user=XXXXXX Please save this fraud alert id for your reference. When submitting sensitive information via the website, your information is protected both online and off-line. When our registration/order form asks users to enter sensitive information (such as credit card number and/or social security number), that information is encrypted and is protected with the best encryption software in the industry - SSL.
We apreciate your support and understading, as we work together to keep eBay a safe place to trade. Thank you for your patience in this matter. Regards, Safeharbor Department (Trust and Safety Department) Please do not reply to this e-mail as this is only a notification mail sent to this address and can not be replied to. Copyright 2004 eBay Inc. All Rights Reserved. |
- The link in the email leads to http://62.117.78.34:5250/Sign%20In.html
- Obviously an un-secure and fake address.
- A quick whois lookup leads to:
person: Kryuchkov Maksim Yurjevich e-mail: mklochkov@mtk.comcor.ru address: Russia, Moscow, Pilyugina d.22 phone: +7 095 132-1210 notify: netadm@comcor.ru mnt-by: AS8732-MNT nic-hdl: KMY2-RIPE changed: pas@comcor.ru 20020125 source: RIPE
I didn't know that eBay was a Russian company
- The code in the email and linked page has obviously been hacked. Even I can see where the pitiful attempt has been made to cover up the sham, or eBay needs to hire a new HTML programmer.
- When I tried a fake User Name and Password on the "login page", I was immediately let in. I seriously doubt I was lucky enough to guess someone's user/pass with the random numbers and letters that I typed in.
- After the fake login I was taken to a credit card update page. The page asked questions that would never be needed in an online form:
- mother maiden name
- PIN
- SSN
Only your credit card asks those questions, and they never ask for a PIN online.
- eBay apparently doesn't have a spell-checker
- apreciate
- understading
- The list could go on, but I think you got the point. If you need to know more, you can check out eBay's Spoof email tutorial.
Me | Comments (5) | words in this post
Comments
More Entries Like This
- e-scam
10:27 PM Feb 05, 2004 | Comments (2) - Buy My Stuff
9:02 PM Feb 02, 2004 | Comments (1) - eCrap from eBay
11:08 AM Feb 07, 2004 | Comments (2) - More eBay
5:02 PM Feb 15, 2004 | Comments (3) - Half.com / eBay Transition
11:01 AM May 22, 2004 | Comments (1) - Weather for Tara [edited]
7:48 PM Feb 03, 2003
I just got one too, but mine was a bit different.
~~~
(Nice official-looking ebay logo here)
Dear eBay Member,
We regret to inform you that your eBay account could be suspended if you don't re-update your account information.
To resolve this problem please visit link below and re-enter your account information:
https://signin.ebay.com/ws/eBaylSAPl.dll?etc.etc.
If your problems could not be resolved your account will be suspended for a period of 24 hours, after this period your account will be terminatied.
~~~
And the thing is, I don't have an eBay account at all. This email also includes an "eh.gif" which I find pretty weird. Who would name their gif image "eh"? Sounds like a druggy to me, heh.
and here's another
----------------------------
Received: (from tidwellc@localhost)by tidwellcreative.com (8.12.10/8.12.10)
Return-Path: tidwellc@tidwellcreative.com
----------------------------
Dear ebay member
You have received this email because you or someone
had used your account to make fake bids at eBay. For security purposes, we are required to open an investigation into this matter.To help speed up this process, please access the following form to complete the verification of your eBay account registration informations:
The purpose of this verification is to ensure that your eBay account
has not been fraudulently used and to combat the fraud from our
community.We appreciate your support and understanding, as we work together to keep eBay a safe place to trade.
Thank you for your patience in this matter.
Regards, Safeharbor Department (Trust and Safety Department)
eBay Inc.
Please do not reply to this e-mail as this is only a notification
______________________________________________
same crap asked for user name - credit card info - PIN number for my card etc etc
i logged in with a very rude username and an ever worse password (chuckles) and got in right away
put all zeros in the card # - buncha 6's in pin #
i hope they use info well
hello, i'm french and I had the same message, so , it's a joke ?
Got one also. Didn't go to the extreme lengths that one of your respondants (above) went. I've tried to track some of the scam messages in the past but no longer bother. It's mostly a waste of my, and everyone's, time. Delete. Delete.
One of the posts above had my admin email address - showing the message had come from my server at tidwellcreative.com. I have to say I hate spam as much as anyone else - someone gained access to my server in December of 2005 and uploaded a cgi script which allowed them to send thousands of emails from my server - I only discovered it when i started to get phone calls from people threatening to call the FBI and whatever other agency they could think of... please people be aware that these headers do not show the true perpetrator, only another victim, as I was... It took me over two months to get my hosting company (AIT) to find the numerous scripts which had been uploaded and to close the holes that allowed these people to get into my server in the first place... what a nightmare!