Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 111 - February 2011 - Page 16

Pages in this month's issue:
  1. 2011 Date Oddity - Birth Year Plus Age Equals 111
  2. False Rumour - US Post Office To Destroy African American Stamps
  3. Bigpond Database Upgrade Phishing Scam
  4. Hoax - Facebook Shutting Down on March 15
  5. Protest Message About Bedfordshire Police Rules Regarding Muslims
  6. Coca Cola Survey Phishing Scam
  7. Hoax Reports Claim Three Giant Spaceships Heading for Earth
  8. ATO Activity Statement Refund Phishing Scam
  9. 'My First St@tus' Rogue Facebook Application
  10. Facebook Deleting Inactive Users Hoax
  11. Hoax Warning - Anthrax in Tide Detergent Packs
  12. Hoax - University of Kentucky Removes Holocaust From Curriculum
  13. Facebook Trojan Email - 'Your Password is Changed'
  14. DNA Test Kit Scam Warning
  15. Phone Text Message Lottery Scams
  16. Question About eBay Item Phishing Scam
  17. Knob Face Trojan Worm Warning Message
  18. 'See Everyone Who Views Your Pr@file' Rogue Facebook Application
  19. McDonald's Survey Phishing Scam Email
  20. Parrot Flower Photographs
  21. AAAAAAA@AAA.AAA - First Address Book Entry Virus Control Hoax
  22. Evan Trembley Missing Child Hoax

Issue 111 Start Menu

Previous Article            Next Article

Question About eBay Item Phishing Scam

Outline
Email, purporting to be a question sent via eBay from a potential buyer, instructs the recipient to answer by clicking the "Respond Now" button.



Brief Analysis
The email is not from eBay. In fact, the email is a phishing scam designed to steal eBay login details from recipients. Clicking the "Respond Now" button opens a bogus login webpage.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:




Last updated: 4th January 2011
First published: 4th January 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Question about Item #492297780326 - Respond Now

Question about Item #492297780326 - Respond Now


eBay sent this message on behalf of an eBay member through My Messages. Click the "Respond Now" button to answer the question.

Item: 492297780326

This message was sent while the listing was active.
********* is a potential buyer.

Hello, Shipping to Washington, DC please?
Thank you,
Betsy Respond to this question



Responses in My Messages will not include your email address.

Thank you,
eBay

eBay Question about item phishing scam




Detailed Analysis
Online auction website eBay is almost constantly targeted by scammers intent on stealing login and other personal information from eBay members. Such scam messages take many forms, including supposed complaints from other members, bogus "eBay administration" messages that claim that members must upgrade account details, and, as in the version discussed here, fake queries from potential buyers about item listings.

In this particular phishing campaign, the scammers have sent out bogus messages that supposedly contain a question about shipping costs from a potential buyer. The email, which at first glance appears to have been sent via the eBay website, requests recipients to click the "Respond Now" button included in the message, ostensibly in order to answer the "buyer's" query. However, the email was not sent via eBay and does not contain a genuine question from an eBay user. In fact, the email is an attempt by Internet criminals to steal confidential eBay login details from unsuspecting users.

In order to further the illusion of legitimacy, the bogus emails are designed to closely resemble genuine eBay messages. They include eBay logos, colour schemes and formatting. Those who fall for the ruse and click the "Respond Now" button will be taken to a fraudulent website that mimics a genuine eBay page. Once on the fake site, the victim will be urged to "login" with his or her eBay username and password supposedly so that a response to the "question" can be provided. However, the login details entered on the fake site will be sent directly to the scammers who can then use them to access the victim's real eBay account. Once they have managed to hijack the victim's account in this way, the scammers can use it to commit fraud using the victim's identity. In some versions of the scam, the victim may also be asked to provide credit card and other personal information via secondary forms displayed on the bogus website.

Given the prevalence of phishing scam attempts that target eBay, users should be very cautious of any emails that ask them to click a link and provide login details or other personal information. Rather than follow a link in an email, a safer method is to go directly to the eBay website via a new browser window and login. Genuine eBay messages will appear in the "Messages" section of your eBay account. eBay has published several basic tips on protecting yourself from scammers on its website along with more comprehensive information about phishing scams.

Many other high profile online entities and financial institutions are regularly targeted by phishing scammers. Phishing remains one of the most common types of Internet fraud and many people all around the world fall victim to such scams every day.

Read more information about recognizing and avoiding phishing scams

Bookmark and Share

References
Question From eBay Member Phishing Scam
eBay Phisher Scam
eBay - What can you do to protect yourself?
eBay - Phishing emails
Phishing Scams - Anti-Phishing Information



Previous Article            Next Article

Issue 111 Start Menu

Pages in this month's issue:
  1. 2011 Date Oddity - Birth Year Plus Age Equals 111
  2. False Rumour - US Post Office To Destroy African American Stamps
  3. Bigpond Database Upgrade Phishing Scam
  4. Hoax - Facebook Shutting Down on March 15
  5. Protest Message About Bedfordshire Police Rules Regarding Muslims
  6. Coca Cola Survey Phishing Scam
  7. Hoax Reports Claim Three Giant Spaceships Heading for Earth
  8. ATO Activity Statement Refund Phishing Scam
  9. 'My First St@tus' Rogue Facebook Application
  10. Facebook Deleting Inactive Users Hoax
  11. Hoax Warning - Anthrax in Tide Detergent Packs
  12. Hoax - University of Kentucky Removes Holocaust From Curriculum
  13. Facebook Trojan Email - 'Your Password is Changed'
  14. DNA Test Kit Scam Warning
  15. Phone Text Message Lottery Scams
  16. Question About eBay Item Phishing Scam
  17. Knob Face Trojan Worm Warning Message
  18. 'See Everyone Who Views Your Pr@file' Rogue Facebook Application
  19. McDonald's Survey Phishing Scam Email
  20. Parrot Flower Photographs
  21. AAAAAAA@AAA.AAA - First Address Book Entry Virus Control Hoax
  22. Evan Trembley Missing Child Hoax