Ethnographic Arms & Armour
 

Go Back   Ethnographic Arms & Armour > Discussion Forums > Ethnographic Weapons
FAQ Calendar Today's Posts Search

Reply
 
Thread Tools Search this Thread Display Modes
Old 7th December 2005, 09:47 PM   #1
Ferguson
Member
 
Ferguson's Avatar
 
Join Date: Dec 2004
Location: Kernersville, NC, USA
Posts: 793
Default New (to me) variant of fake Ebay email scam

I'm sure most of you folks have seen the fake emails from Ebay that are "phishing" for your username and password. I get several from ebay, paypal and various banks everyday. But I got one today that darn near fooled me. It was what looked like a message from an ebay member. They were asking why I had bid on an auction and hadn't paid for it. They mentioned negative feedback if I didn't respond. I've won several small auctions lately and wondered if I had made a mistake. I mean this thing looked absolutely real. So I clicked on the link to the auction and up popped an ebay login screen. Screech!!! My mind finally clunked in gear and I didn't type anything. Noticed the URL and it wasn't Ebay. Dayum. That one just about got me, and I'm about the most suspicious and cautious computer user out there. I do the security for our network for goodness sake. The bastids almost got me this time. Forwarded the email to spoof@ebay.com and got a slightly different response from normal saying that these emails often contain a keystroke logger virus. Fortunately this one didn't. So if you get an email from an ebay member that you aren't expecting, check your messages on Ebay itself to see if it's legit.

Steve
Ferguson is offline   Reply With Quote
Old 7th December 2005, 11:59 PM   #2
Andrew
Member
 
Andrew's Avatar
 
Join Date: Nov 2004
Location: USA
Posts: 1,725
Thumbs up

Thanks for the heads-up, Steve.
Andrew is offline   Reply With Quote
Old 8th December 2005, 03:11 AM   #3
RSWORD
Member
 
RSWORD's Avatar
 
Join Date: Dec 2004
Location: Greensboro, NC
Posts: 1,083
Default

Steve,

I have also had the same thing happen to me recently but with a slightly different twist. It stated they were glad they won my auction and would be sending payment soon and they had a link attached to the e-mail. I knew I wasn't expecting any money so rather than use the link(thank goodness) I wrote down the Ebay # and user ID and when I checked those against Ebay they were from an User ID that had a bunch of negative feedback and was no longer a registered user.

While on the topic, I will share another one. I had a few items up for auction recently and I had someone contact me via the Ebay member contact and they stated they were very interested in my auction. They stated they would like to have someone handle the shipping and they would like my address to arrange for pick up. I let them know that if they won I would make arrangements for shipping. When they followed up again that they needed my address I got a bit suspicious. I let them know that if they won the auction, I would make arrangements to meet someone but I would not give out my address. The Ebay ID had no feedback at all and I did receive a e-mail from Ebay warning that some people use the member contact through Ebay to get e-mail addresses and if anyone is willing to share, more than that. Got to be careful these days.
RSWORD is offline   Reply With Quote
Old 8th December 2005, 01:34 PM   #4
Justin
Member
 
Justin's Avatar
 
Join Date: Dec 2004
Posts: 175
Default

Thanks,for the heads up.I seem to be getting more and more of these and they've gotten really good at making them look real.

A few months ago I was getting email after email telling me that my account info had expired and if I didnt change my info, my account would be suspended.These looked very genuine but my account didnt have ANY information on it that could have expired.
Justin is offline   Reply With Quote
Old 8th December 2005, 04:18 PM   #5
MABAGANI
Member
 
MABAGANI's Avatar
 
Join Date: Dec 2004
Posts: 221
Default

Same with Paypal, their official emails state your full name, the fakes don't.
MABAGANI is offline   Reply With Quote
Old 8th December 2005, 05:44 PM   #6
VANDOO
(deceased)
 
Join Date: Dec 2004
Location: OKLAHOMA, USA
Posts: 3,138
Default

I HAVE ALSO GOTTEN BOGUS EMAILS HAVING TO DO WITH EBAY AND PAYPAL. IF THEY ASK A QUESTION ABOUT MY INFORMATION I JUST FORWARD IT TO SPOOF@PAYPAL OR EBAY, SO FAR EVERY ONE OF THEM HAS BEEN A SCAM. RECENTLY I HAVE ENCOUNTERED LOTS OF EMAILS THAT SAY MY EMAIL WAS NOT DELIVERABLE TO THIS OR THAT I LOOKED AT ONE AND IT DIDN'T GIVE ANY INFO ON ANYONE I HAD RECENTLY SENT EMAIL TO SO NOW I AUTOMATICALY DELETE ALL SUCH EMAILS. I DELETE MANY MORE EMAILS THAN I OPEN SO IF A FORUM MEMBER I DID NOT KNOW DID EMAIL ME HE SHOULD PUT SOMETHING IN THE TOPIC TO GET MY ATTENTION, VANDOO PERHAPS AS THE TRICKSTERS HAVEN'T USED THAT YET.

ITS FRUSTRATING THAT THE NO GOOD PEOPLE CAN MAKE SO MUCH TROUBBLE AND THERE SEEMS TO BE NO WAY TO MAKE THEM PAY FOR THEIR SINS AT LEAST NOT UNTILL JUDGEMENT DAY.
VANDOO is offline   Reply With Quote
Old 8th December 2005, 06:07 PM   #7
Mark
Member
 
Mark's Avatar
 
Join Date: Dec 2004
Posts: 987
Default

I haven't gotten the fake sale/purchase yet, but I have gotten the undeliverable e-mail ones. The fact that the attachment is a zip file was a pretty big pointer.

The cleverest ones I have seen so far (sort of like this new e-bay one), are the ones that just inform you that something has changed in your user profile, like an address or e-mail or a new credit card (that is the best one IMO -- reverse psychology) being added. All very official looking, and I am sure that if you go to the provided link it will look just like BidPay or PayPal or whatever -- but once you have tried to log in, they have all the information they need. One even came from a domain with "PayPal" in the name, but with a foreign country code rather than ".com." The genius is that they don't ask you to confirm or check anything. They rely on your puzzlement at the announcement to check it out.

I verified the fraud by going directly to PayPal (not using their link), and checked to make sure everything was unchanged.
Mark is offline   Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 09:28 AM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.
Posts are regarded as being copyrighted by their authors and the act of posting material is deemed to be a granting of an irrevocable nonexclusive license for display here.