Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Question About eBay Item Phishing Scam

Outline
Email, purporting to be a question sent via eBay from a potential buyer, instructs the recipient to answer by clicking the "Respond Now" button.

eBay Item Phishing Scam

© Depositphotos.com/alexskopje



Brief Analysis
The email is not from eBay. In fact, the email is a phishing scam designed to steal eBay login details from recipients. Clicking the "Respond Now" button opens a bogus login webpage.

Bookmark and Share

Examples
eBay Item Phishing Scam

Subject: Question about Item #492297780326 - Respond Now

Question about Item #492297780326 - Respond Now


eBay sent this message on behalf of an eBay member through My Messages. Click the "Respond Now" button to answer the question.

Item: 492297780326

This message was sent while the listing was active.
********* is a potential buyer.

Hello, Shipping to Washington, DC please?
Thank you,
Betsy Respond to this question



Responses in My Messages will not include your email address.

Thank you,
eBay

eBay Question about item phishing scam


Detailed Analysis


Online auction website eBay is almost constantly targeted by scammers intent on stealing login and other personal information from eBay members. Such scam messages take many forms, including supposed complaints from other members, bogus "eBay administration" messages that claim that members must upgrade account details, and, as in the version discussed here, fake queries from potential buyers about item listings.

In this particular phishing campaign, the scammers have sent out bogus messages that supposedly contain a question about shipping costs from a potential buyer. The email, which at first glance appears to have been sent via the eBay website, requests recipients to click the "Respond Now" button included in the message, ostensibly in order to answer the "buyer's" query. However, the email was not sent via eBay and does not contain a genuine question from an eBay user. In fact, the email is an attempt by Internet criminals to steal confidential eBay login details from unsuspecting users.

In order to further the illusion of legitimacy, the bogus emails are designed to closely resemble genuine eBay messages. They include eBay logos, colour schemes and formatting. Those who fall for the ruse and click the "Respond Now" button will be taken to a fraudulent website that mimics a genuine eBay page. Once on the fake site, the victim will be urged to "login" with his or her eBay username and password supposedly so that a response to the "question" can be provided. However, the login details entered on the fake site will be sent directly to the scammers who can then use them to access the victim's real eBay account. Once they have managed to hijack the victim's account in this way, the scammers can use it to commit fraud using the victim's identity. In some versions of the scam, the victim may also be asked to provide credit card and other personal information via secondary forms displayed on the bogus website.

Given the prevalence of phishing scam attempts that target eBay, users should be very cautious of any emails that ask them to click a link and provide login details or other personal information. Rather than follow a link in an email, a safer method is to go directly to the eBay website via a new browser window and login. Genuine eBay messages will appear in the "Messages" section of your eBay account. eBay has published several basic tips on protecting yourself from scammers on its website along with more comprehensive information about phishing scams.

Many other high profile online entities and financial institutions are regularly targeted by phishing scammers. Phishing remains one of the most common types of Internet fraud and many people all around the world fall victim to such scams every day.


Read more information about recognizing and avoiding phishing scams

Bookmark and Share

Last updated: October 14, 2013
First published: January 4, 2011
By Brett M. Christensen
About Hoax-Slayer

References
Question From eBay Member Phishing Scam
eBay Phisher Scam
eBay - What can you do to protect yourself?
eBay Phishing Tutorial
Phishing Scams - Anti-Phishing Information