(Close Window)
Topic: Ebay Email Scam...BEWARE!!!
Message: Posted by: A C Spectre (Mar 25, 2004 08:33PM)
Got an email today with a return address of suspension@ebay.com When I opened it it looked like it was genuinely from ebay. It said that during a normal audit of the accounts my account information was either invalid or had changed. It went on to say that my account had been restricted and that my ability to bid on and buy items was restricted until I verified my information. It also stated that if an unspecified time limit expired before I verified my account information that I would be suspended from Ebay and not allowed to re-register. There was a link provided to go and verify your account. Following the link took you to what looked exactly like the Ebay sign in page. I entered my user name and password and tried to sign on. I got another page that looked like a genuine ebay page saying that my account was restricted and prompting me for my password again. I re-entered my password and came to a page where ther was space to fill in my account information. It asked for Date of Birth, SS Number, PayPal user name and Password, Bank account numbers, credit and debit card numbers with PIN etc.

At this point my internal warning system is finally blaring away at me that something may be a little amiss here. I closed the email and logged on to ebay. I was able to log in as usual, I went to the magic section, found an inexpensive DVD and bid on it. I was able to bid as normal with no apparent restrictions. I sent Ebay an email asking if they had indeed emailed me and restricted my account. I have yet to hear back from them. I went back to the email and tried to use the link provided again, I got a page cannot be found message stating that I should go to the ibexglass.com home page and try to access the page I was looking for from there.

Thankfully I did not enter any sensitve information into the page that came up. I went back into my Ebay account and changed my password and checked my account status. My account status page looked normal and nowhere did I find anything that stated my account was restricted in any way. What was so insidious about this was that all the pages were spot-on replicas of actual Ebay pages. They have not confirmed by email yet that this is a scam as I suspect, but something definitely does not seem right. My wife (the resident computer guru) says that no business of repute would require you to furnish them with sensitive information via email.

If you receive an email like this I would be EXTREMELY CAREFUL about sending any information to anyone via email. Anyone else out there have this experience?

A C Spectre
Message: Posted by: blindbo (Mar 25, 2004 08:48PM)
<< Anyone else out there have this experience?
>>

Millions of people, AC.
If I may emphasize the point of your post to others reading this; Never, ever provide personal information of any kind through unsolicited emails, or phone calls.
Message: Posted by: Samuel Catoe (Mar 25, 2004 08:53PM)
A C Spectre
Log back on ebay and change your password RIGHT NOW. As soon as you read this post. It is possible that the owner of the other site now has that info and through that info access to your account. CHANGE YOUR PASSWORD.
Message: Posted by: A C Spectre (Mar 25, 2004 09:00PM)
Samuel,
I already changed my password before I posted here. Unfortunately I didn't do it immediately but it was within an hour or two of reading the email that it hit me that I better change it. I will be monitoring my accounts closely, if anything strange appears I will have to take drastic measures to lock things down.

A C Spectre
Message: Posted by: MisterE21 (Mar 26, 2004 12:58AM)
I got this email 4...maybe 6 months ago. Be very careful about these things: pay attention to the actual address of the site.

For instance (and this is taken from the security page at Ebay):

an authentic Ebay address will have a "." before "Ebay.com" Something like, "http://cgi3.ebay.com" is legitimate while something like "http://cgi3-ebay.com" is not legitimate.

Just remember to a) always pay close attention to the actual web address and b) send an email requestive verification BEFORE giving any info.

E
Message: Posted by: MacGyver (Mar 26, 2004 03:46AM)
God... people actually fall for this???????


Well of course they do, you know spammer's think that they had a "good day" if 1 out of 10,000 emails responds or buys something....


I have a feeling that the rate for these paypal / ebay scams is actually higher than that.... sad.
Message: Posted by: H_Ho (Mar 26, 2004 05:03AM)
I often get ones from 'net banks' that ask for my login and password. What's funny is that I don't have an account with these banks.
Message: Posted by: Magix (Mar 26, 2004 07:24AM)
I've gotten 4 or 5 lately that are supposedly from CitiBank, with "email verification" in the subject line. I'm sure they're a scam of some sort, but I couldn't tell you any more than that because I always delete them without opening them.

Blindbo is right - "Never, ever provide personal information of any kind through unsolicited emails, or phone calls."
Message: Posted by: irossall (Mar 26, 2004 10:28AM)
One thing to look for is the "Secured Server" logo at the bottom of your screen and the "shttp" in the front of the address in your address bar. Anyone who reads the E-Bay aggreement contract will know that E-Bay will never ask for this information unsolicited.
Iven :patty:
Message: Posted by: hoodrat (Mar 27, 2004 12:26AM)
I've been getting emails with various documents attached to them. They are usually .zip or .doc files. The body of the email will say very little. I got one tonight that said: here, the serial numbers.

I guess I was supposed to click on the attached document to view serial numbers of some sort. Whatever. I simply delete these emails. I cannot believe people still open attachments like that. I guess, however, if they don't know and are new to the internet and email, they might accidentally open the attachment out of curiosity. Me -- I delete 'em!
Message: Posted by: balducci (Mar 27, 2004 01:10AM)
[quote]
On 2004-03-26 01:58, MisterE21 wrote:
I got this email 4...maybe 6 months ago. Be very careful about these things: pay attention to the actual address of the site.

For instance (and this is taken from the security page at Ebay):

an authentic Ebay address will have a "." before "Ebay.com" Something like, "http://cgi3.ebay.com" is legitimate while something like "http://cgi3-ebay.com" is not legitimate.

Just remember to a) always pay close attention to the actual web address and b) send an email requestive verification BEFORE giving any info.

E
[/quote]

Actually, I'm not sure that's even completely true. A programmer friend of mine explained that these addresses can be mimicked by using an address like

ebay.com?topic=security&page=update&blahblahblahblahbahblah

with the stuff after ebay.com appearing as a legitimate query submitted to a web page ... but the blahblahblah stuff is actually part of a web address that only concludes after another 100 or so characters that are off of the edge of the Address window on your browser. Sort of hard to explain, but I hope I got the idea across.

The safest thing is not to enter any personal data on a site, unless you access the data entry page directly from a page linked off of what you know is a trusted site.

A systems admin friend of mine recently fell for one of these scams. Coincidentally, he had just talked to his bank about making changes to his account and a few minutes later he, along with everyone at work, received a mail asking us to log into our HSBC account and verify our account passwords. Since he had just talked to this exact same (real) bank on the phone a few minutes before, he was lulled into a false sense of security. He entered his account and password and within minutes someone tried to clean out his account. Fortunately, the bank called him back to verify the transaction that was trying to be made under false pretenses and they cancelled it.

It was sort of amusing that an experienced systems administrator and web page developer like him would fall for a scam like this, but in his defense the circumstances were rather unusual insomuch as he had just spoken to the same bank on the phone requesting an account change.