'eBay Item Not Received' Phishing Scam Email

Outline
Email purporting to be from a disgruntled eBay customer claims that an item bought from the recipient has not been received and that the customer will leave negative feedback as a result. The message includes a link that supposedly leads to details about the purchased item.

Brief Analysis
The message is not from an eBay customer, disgruntled or otherwise. The link in the message leads to a fake eBay page designed to steal eBay login details. The stolen details will be used by Internet criminals to hijack the victim's real eBay account.

Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:

Last updated: July 27, 2012
First published: July 27, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Example

Subject: eBay item not received please explain

Hi

Hi I have paid for this and yet I didn't received please reply or I will give you negative feedback

[Link removed]

Detailed Analysis
This email, which purports to be a complaint from an unhappy eBay customer, claims that a recently purchased item has not been received. The customer warns that if he does not receive a reply about the missing item, he will leave negative feedback for the seller. The email includes a link that supposedly opens an eBay description page about the missing item.

However, the email is not from an eBay customer who failed to receive a purchased item. In fact, the message is a phishing scam deigned solely to fool eBay users into divulging their login details. The email uses HTML to disguise the link so that it appears to point to a genuine eBay address. In fact, the link in this version of the scam email opens a website hosted in France that has no connection whatsoever with the real eBay website. Users who fall for the ruse will be taken to a scam webpage that displays the following fake eBay login window:

Those who proceed and enter their login details will then be redirected to a genuine eBay website as soon as they click the "Sign In" button. Thus, they may not immediately realize that they have been scammed. Meanwhile, the login credentials that they entered can be collected by criminals and used to hijack real eBay accounts. Once they have gained access to these accounts, the criminals can use them at will to conduct ongoing fraudulent activities.

Although this scam example is comparatively crude as phishing scams go, it is still likely to gain at least a few victims. eBay sellers are naturally keen to avoid any negative feedback on their profiles. Thus, the scammers bank on the fact that some users, concerned that they are about to unjustly receive feedback about a purchase, may click the scam link without due forethought.

Like other high profile online entities, eBay is almost constantly targeted by phishing scammers. Be cautious of any message claiming to be from eBay or other eBay users that claims that you should click a link to review a disputed purchase, update or verify your account, or stop an impending account suspension. Rather than click a link in an email in order to login, it is safest to access your eBay account by entering the web address into your browser's address bar.

eBay has published detailed information on its website that helps customers learn how to recognize a phishing scam should one come their way.

References
Check Links in HTML Emails
Phishing Scams - Anti-Phishing Information
Recognizing spoof (fake) eBay websites

Last updated:July 27, 2012
First published: July 27, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer