Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Issue 137 - August 2012 (2nd Edition) - Page 35

'eBay Item Not Received' Phishing Scam Email

Issue 137 Start Menu

Previous Article            Next Article

Outline
Email purporting to be from a disgruntled eBay customer claims that an item bought from the recipient has not been received and that the customer will leave negative feedback as a result. The message includes a link that supposedly leads to details about the purchased item.



Brief Analysis
The message is not from an eBay customer, disgruntled or otherwise. The link in the message leads to a fake eBay page designed to steal eBay login details. The stolen details will be used by Internet criminals to hijack the victim's real eBay account.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:






Scroll down to submit comments
Last updated: July 27, 2012
First published: July 27, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

Subject: eBay item not received please explain

Hi

Hi I have paid for this and yet I didn't received please reply or I will give you negative feedback

[Link removed]




Detailed Analysis
This email, which purports to be a complaint from an unhappy eBay customer, claims that a recently purchased item has not been received. The customer warns that if he does not receive a reply about the missing item, he will leave negative feedback for the seller. The email includes a link that supposedly opens an eBay description page about the missing item.

However, the email is not from an eBay customer who failed to receive a purchased item. In fact, the message is a phishing scam deigned solely to fool eBay users into divulging their login details. The email uses HTML to disguise the link so that it appears to point to a genuine eBay address. In fact, the link in this version of the scam email opens a website hosted in France that has no connection whatsoever with the real eBay website. Users who fall for the ruse will be taken to a scam webpage that displays the following fake eBay login window:

Fake eBay Login
Those who proceed and enter their login details will then be redirected to a genuine eBay website as soon as they click the "Sign In" button. Thus, they may not immediately realize that they have been scammed. Meanwhile, the login credentials that they entered can be collected by criminals and used to hijack real eBay accounts. Once they have gained access to these accounts, the criminals can use them at will to conduct ongoing fraudulent activities.

Although this scam example is comparatively crude as phishing scams go, it is still likely to gain at least a few victims. eBay sellers are naturally keen to avoid any negative feedback on their profiles. Thus, the scammers bank on the fact that some users, concerned that they are about to unjustly receive feedback about a purchase, may click the scam link without due forethought.

Like other high profile online entities, eBay is almost constantly targeted by phishing scammers. Be cautious of any message claiming to be from eBay or other eBay users that claims that you should click a link to review a disputed purchase, update or verify your account, or stop an impending account suspension. Rather than click a link in an email in order to login, it is safest to access your eBay account by entering the web address into your browser's address bar.

eBay has published detailed information on its website that helps customers learn how to recognize a phishing scam should one come their way.

Bookmark and Share



References

Check Links in HTML Emails
Phishing Scams - Anti-Phishing Information
Recognizing spoof (fake) eBay websites


Last updated:July 27, 2012
First published: July 27, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Previous Article            Next Article

Issue 137 Start Menu

Pages in this issue:
  1. Anti Text-Driving Message - Car Wedged Under Truck Image
  2. Nationwide Phishing Scam Emails
  3. Faux Image - Double Sunset on Mars
  4. Microsoft Cyber-Crime Department Phishing Scam
  5. Does A Photo Depict A Puppy Being Forced to Drink Vodka?
  6. Post Circulating Claims Hotel Made Disabled US Veteran Crawl Down Stairs
  7. AFL vs NRL - Wrongdoings of Australian Members of Parliament Hoax
  8. Three.co.uk Phishing Scam
  9. Another Facebook Sick Baby Hoax - Baby With Brain Cancer
  10. Circulating Opinion Piece - 'Democratic, Republican Liberal-Progressive's Worst Nightmare'
  11. Fake Three (Or Seven) Headed Snake Image
  12. Misleading Health Advice Email - 'Mayo Clinic on Aspirin and Heart Attacks'
  13. Facebook Survey Scam - Free Argos Gift Card
  14. 'Email Deactivation Warning' Phishing Scam
  15. Anti-Obama Youtube Video Compiles Multiple Conspiracy Theories
  16. Fake AT&T Bill Emails Point To Malware
  17. Messages Claim Coca Cola to be Banned In Bolivia
  18. 'Free Apple Product' Text Message Survey Scam
  19. Circulating Warning - Facebook May Close Down Animal Rescue Account'
  20. 2012 FIFA World Cup Online Lottery Advance Fee Scam
  21. Email Claiming US Gold Medal Gymnast Gabrielle Douglas Faces Lifetime Ban Used to Spread Malware
  22. Bigpond Security Service Phishing Scam
  23. Wrestling Star John Cena is NOT Dead
  24. Hoax - NASA Predicts Total Blackout of Planet in Dec 2012
  25. Wrestling Star Undertaker is NOT Dead
  26. Colin And Chris Weir Donation Programme Advance Fee Scam
  27. US EPA Regulations Force Power Plant Closures
  28. 'View Facebook Followers' Scam Targets Twitter Users
  29. Lloyds TSB 'New Banking Authentication' Phishing Scam
  30. Faux Image - Pilots Protesting Chemtrails
  31. Telstra Bill Account Update Phishing Scam
  32. McDonald's Signboard Supporting Chick-Fil-A
  33. ABSA 'Authorized EFT Payment Received' Phishing Scam
  34. Hoax Picture - Obama Holding Phone Upside Down
  35. 'eBay Item Not Received' Phishing Scam Email
  36. Wells Fargo 'Security Check' Phishing Scam
  37. False Warnings - 'Cleaning out Friends List' Questions on Facebook Contain Viruses or are Posted by Hackers