Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Newest round of Ebay phishing

Reply
Thread Tools

Newest round of Ebay phishing

 
 
Bit Twister
Guest
Posts: n/a
 
      05-30-2005
On Mon, 30 May 2005 11:04:30 -0400, Alceryes wrote:
> I just got hit with a couple of emails *supposedly* from ebay.
> The site it takes you to looks VERY genuine. Be careful ebay users...


Hope you forwarded to ebay. They might get the site taken down.
 
Reply With Quote
 
 
 
 
Alceryes
Guest
Posts: n/a
 
      05-30-2005
I just got hit with a couple of emails *supposedly* from ebay.
The site it takes you to looks VERY genuine. Be careful ebay users...
Below is a copy of the email...



Dear valued eBay member:

We recently have determined that different computers have signed into your
eBay account, and multiple password failures were present before this
attempts. We now need you to confirm your account information to us. If this
is not completed by June 10, 2005 we will be forced to suspend your account
indefinitely, as it may have been used for fraudulent purposes. We thank you
for your cooperation in this manner.

To confirm your eBay account information click on the link below:
https://services.ebay.com/saw-cgi/eBayISAPI.dll?Confirm

We appreciate your support and understanding, as we work together to keep
eBay a safe place to trade.
Thank you for your patience in this matter.

Trust and Safety Department
eBay Inc.

Please do not reply to this e-mail as this is only a notification. Mail sent
to this address cannot be answered.

Copyright 1995-2005 eBay Inc. All Rights Reserved. Designated trademarks and
brands are the property of their respective owners. Use of this Web site
constitutes acceptance of the eBay User Agreement and Privacy Policy.
Designated trademarks and brands are the property of their respective
owners. eBay and the eBay logo are trademarks of eBay Inc. eBay is located
at 2145 Hamilton Avenue, San Jose, CA 95125.

To: http://www.velocityreviews.com/forums/(E-Mail Removed)


 
Reply With Quote
 
 
 
 
Alceryes
Guest
Posts: n/a
 
      05-30-2005
Sorry, the link didn't follow. Here's the page it actually takes you to.

http://www2.milwaukee.k12.wi.us/whit...eBay/index.htm



"Alceryes" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I just got hit with a couple of emails *supposedly* from ebay.
> The site it takes you to looks VERY genuine. Be careful ebay users...
> Below is a copy of the email...
>
>
>
> Dear valued eBay member:
>
> We recently have determined that different computers have signed into your
> eBay account, and multiple password failures were present before this
> attempts. We now need you to confirm your account information to us. If
> this is not completed by June 10, 2005 we will be forced to suspend your
> account indefinitely, as it may have been used for fraudulent purposes. We
> thank you for your cooperation in this manner.
>
> To confirm your eBay account information click on the link below:
> https://services.ebay.com/saw-cgi/eBayISAPI.dll?Confirm
>
> We appreciate your support and understanding, as we work together to keep
> eBay a safe place to trade.
> Thank you for your patience in this matter.
>
> Trust and Safety Department
> eBay Inc.
>
> Please do not reply to this e-mail as this is only a notification. Mail
> sent to this address cannot be answered.
>
> Copyright 1995-2005 eBay Inc. All Rights Reserved. Designated trademarks
> and brands are the property of their respective owners. Use of this Web
> site constitutes acceptance of the eBay User Agreement and Privacy Policy.
> Designated trademarks and brands are the property of their respective
> owners. eBay and the eBay logo are trademarks of eBay Inc. eBay is located
> at 2145 Hamilton Avenue, San Jose, CA 95125.
>
> To: (E-Mail Removed)
>



 
Reply With Quote
 
David H. Lipman
Guest
Posts: n/a
 
      05-30-2005
From: "Alceryes" <(E-Mail Removed)>

| I just got hit with a couple of emails *supposedly* from ebay.
| The site it takes you to looks VERY genuine. Be careful ebay users...
| Below is a copy of the email...
|
| Dear valued eBay member:
|
| We recently have determined that different computers have signed into your
| eBay account, and multiple password failures were present before this
| attempts. We now need you to confirm your account information to us. If this
| is not completed by June 10, 2005 we will be forced to suspend your account
| indefinitely, as it may have been used for fraudulent purposes. We thank you
| for your cooperation in this manner.
|
| To confirm your eBay account information click on the link below:
| https://services.ebay.com/saw-cgi/eBayISAPI.dll?Confirm
|
| We appreciate your support and understanding, as we work together to keep
| eBay a safe place to trade.
| Thank you for your patience in this matter.
|
| Trust and Safety Department
| eBay Inc.
|
| Please do not reply to this e-mail as this is only a notification. Mail sent
| to this address cannot be answered.
|
| Copyright 1995-2005 eBay Inc. All Rights Reserved. Designated trademarks and
| brands are the property of their respective owners. Use of this Web site
| constitutes acceptance of the eBay User Agreement and Privacy Policy.
| Designated trademarks and brands are the property of their respective
| owners. eBay and the eBay logo are trademarks of eBay Inc. eBay is located
| at 2145 Hamilton Avenue, San Jose, CA 95125.
|
| To: (E-Mail Removed)
|

Please submit this and any other phishing attempt email to the Anti-Phishing Organization.

http://www.antiphishing.org/report_phishing.html

Just capture Full Headers and Body and send an email to; (E-Mail Removed)

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
Reply With Quote
 
Unruh
Guest
Posts: n/a
 
      05-30-2005
"Alceryes" <(E-Mail Removed)> writes:

>I just got hit with a couple of emails *supposedly* from ebay.
>The site it takes you to looks VERY genuine. Be careful ebay users...
>Below is a copy of the email...




>Dear valued eBay member:


>We recently have determined that different computers have signed into your
>eBay account, and multiple password failures were present before this
>attempts. We now need you to confirm your account information to us. If this
>is not completed by June 10, 2005 we will be forced to suspend your account
>indefinitely, as it may have been used for fraudulent purposes. We thank you
>for your cooperation in this manner.


>To confirm your eBay account information click on the link below:
>https://services.ebay.com/saw-cgi/eBayISAPI.dll?Confirm


Of course the key is to make sure that you NEVER click on something in an
email. You copy the address into your browser. Doing this gives

An error occurred while loading
https://services.ebay.com/saw-cgi/eB...I.dll?Confirm:
Could not connect to host services.ebay.com



>We appreciate your support and understanding, as we work together to keep
>eBay a safe place to trade.
>Thank you for your patience in this matter.


>Trust and Safety Department
>eBay Inc.


>Please do not reply to this e-mail as this is only a notification. Mail sent
>to this address cannot be answered.


>Copyright 1995-2005 eBay Inc. All Rights Reserved. Designated trademarks and
>brands are the property of their respective owners. Use of this Web site
>constitutes acceptance of the eBay User Agreement and Privacy Policy.
>Designated trademarks and brands are the property of their respective
>owners. eBay and the eBay logo are trademarks of eBay Inc. eBay is located
>at 2145 Hamilton Avenue, San Jose, CA 95125.


>To: (E-Mail Removed)



 
Reply With Quote
 
Bit Twister
Guest
Posts: n/a
 
      05-30-2005
On 30 May 2005 23:15:45 GMT, Unruh wrote:
>
> Of course the key is to make sure that you NEVER click on something in an
> email. You copy the address into your browser. Doing this gives


Yes, but some have
onMouseOver="do the infection here code"
not to mention lots of other methods beside click to infect.


 
Reply With Quote
 
Hootowl
Guest
Posts: n/a
 
      05-31-2005
On Mon, 30 May 2005 18:22:10 -0500, Bit Twister
<(E-Mail Removed)> wrote:

>On 30 May 2005 23:15:45 GMT, Unruh wrote:
>>
>> Of course the key is to make sure that you NEVER click on something in an
>> email. You copy the address into your browser. Doing this gives

>
>Yes, but some have
> onMouseOver="do the infection here code"
>not to mention lots of other methods beside click to infect.


Use Forte Agent or another text-based (non-scriptable) news reader,
and the mouseover exploit (at least) shouldn't work. Unless there's
some setting I'm unaware of (which is highly possible).

Dan
>


 
Reply With Quote
 
Vanguard
Guest
Posts: n/a
 
      05-31-2005
"Alceryes" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
> Sorry, the link didn't follow. Here's the page it actually takes you
> to.
>
> http://www2.milwaukee.k12.wi.us/whit...eBay/index.htm



Always show the raw source of an e-mail if it is HTML formatted.
Copying and pasting the *rendered* version of an HTML e-mail (i.e., what
you see) won't show any of the tricks possible within the HTML code
(i.e., the HTML rendered version isn't of much use to trace to where the
links go).

So did you report the phish mail to the feds ((E-Mail Removed)), the
antiphishing group ran by Microsoft, eBay, Visa, GeoTrust, and others
((E-Mail Removed)), and to the wi.us domain (use
http://www.whois.us/ to get registrant's info) and their upstream
provider (do a traceroute on the URL; my tracert shows tds.net upstream
of wi.us)?

 
Reply With Quote
 
Vanguard
Guest
Posts: n/a
 
      05-31-2005
"Bit Twister" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On 30 May 2005 23:15:45 GMT, Unruh wrote:
>>
>> Of course the key is to make sure that you NEVER click on something
>> in an
>> email. You copy the address into your browser. Doing this gives

>
> Yes, but some have
> onMouseOver="do the infection here code"
> not to mention lots of other methods beside click to infect.
>
>



Not if you are using the PROPER security zone when viewing HTML
formatted e-mails (if your e-mail client supports security zones; else,
it needs to provide its own security settings). For Outlook or Outlook
Express, you should configure them to view e-mails in the Restricted
Sites security zone, and that security zone should be configured at the
High setting level. That will disable ALL scripts in an e-mail,
including Javascript (so the onmouse* events can't do anything).

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ebay ebay ebay ebay ebay ebay ebay ebay ebay ebay ebay ebay ebay Bigbazza Computer Support 0 10-16-2007 09:05 AM
ebay ebay ebay Bigbazza Computer Support 0 10-16-2007 09:04 AM
Ebay phishing, nethere20@hotmail.com Computer Security 10 06-30-2006 06:41 PM
Phishing on Ebay JC NZ Computing 1 05-31-2005 05:14 AM
Computer Goes Round and Round Checking Alan Computer Support 6 10-08-2004 08:24 AM



Advertisments