Build Your Own Arcade Controls Forum
Main => Buy/Sell/Trade - non-retail => Topic started by: Mr. Do on April 03, 2007, 12:33:45 pm
-
Well, this is just lovely. You receive a reply via eBay's "My Messages" system for an item you want to buy, so naturally you trust it, right?
WRONG!!!
I seriously can't believe I went for this late last night, but I was half asleep, and it was for an item I wanted to buy, so that extra incentive was there. When I put in the URL and it asked me to login, I chalked it up to my computer acting up.
It wasn't until early this morning after I woke up that the lightbulb went off in my head what I had just done. I logged back on for real and changed my password and some other account information. Also checked to see if any bids had been placed, items being watched, etc., and everything looks OK. The good thing was I went to bed late and woke up early, so the window of opportunity was only a few hours.
So I send it off to eBay's "spoof" department. I get an automated reply that it WASN'T reviewed because I didn't "forward" the email. Well, duh! It wasn't an email, it was your own damn "My Message" system, people. So I forwarded the original sent mail, and it seems to have gone through. I'll update when I get some type of reply back.
As lots of people around here do a lot of eBaying, I thought I'd put up this PSA. Screenshot below from my own "My Messages" page:
-
Tricky. I had no idea you could send an anonymous message on ebay.
-
I've been getting tons of these lately also. It is only when I've been selling tho. I've already been logged in when I notice them. I've been getting at least 2 a day and they are on the increase. I've sent each one off to the "spoof" dept. but have yet to hear anything about them. I'm at a point now where I'm about to give up on the whole fricken thing. :timebomb: I wish there was a better alternative to ebay.....
-
I've sent each one off to the "spoof" dept. but have yet to hear anything about them. I'm at a point now where I'm about to give up on the whole :censored: thing. :timebomb:
You will not hear anything more from ebay or paypal except that it has been received and that they are looking into the matter. Each time I get one of these emails I ship them off to spoof as well. This is they only way to keep the numbers down. Just don't follow the links in the messages and take it as part of the business. The hackers always go to the most active sites to do their phising because there are more fish to get results from. If there was a better option then eBay then the scam artists would be there too.
Don't give up just because there are rocks in your path. Pick up the rocks to build a wall of experience to protect yourself with.
TTFN :cheers:
Kaytrim
-
Don't give up just because there are rocks in your path. Pick up the rocks to build a wall of experience to protect yourself with.
Is this you?
-
Excellent!
-
your aim is a little off there dude. :dizzy:
-
These are NOT from ebay's message system. They're meant to look identical. If you put your cursor over any links in the message you'll see that they don't go to ebay.com, but somewhere else with ebay in the name. Yahoo seems to filter most of mine out, but I have seen one recently.
Remember, it's easy to make an email look like it came from a legit source. Don't trust any email you weren't expecting, and don't trust anything that comes from a known hangout of scammers (Ebay). If you get something legit from ebay, you can open a new window and login manually to see the same information.
-
These are NOT from ebay's message system. They're meant to look identical. If you put your cursor over any links in the message you'll see that they don't go to ebay.com, but somewhere else with ebay in the name. Yahoo seems to filter most of mine out, but I have seen one recently.
Remember, it's easy to make an email look like it came from a legit source. Don't trust any email you weren't expecting, and don't trust anything that comes from a known hangout of scammers (Ebay). If you get something legit from ebay, you can open a new window and login manually to see the same information.
No offense, but I'm not THAT naive. I did not click a link in my email, I was on eBay's site, logged in manually to my account, and accessed the message from the "My Messages" system within eBay, answering a reply to a "Want it Now" post.
The point is that the phishing scam is coming from what are probably compromised accounts and being posted within eBay.
Just finished with a live rep. I guess this thing has ramped up recently in the past couple days, and there should be something on their announcements page soon.
-
Good to hear that they are on top of the issue. Thanks to users like you who go the extra mile to bring this to their attention. I have received messages trying to get me to buy something similar to something that I was selling but I wasn't buying it. I'd pass them on and leave it at that. All my messages come into a separate email account I have set aside for my eBay sales. When I get one of these I just froward it on to spoof@ebay.com. They normally get back to me soon telling me that they will take care of it.
TTFN :cheers:
Kaytrim
-
You think that's bad? It gets even WORSE.
There are listings now that after you click on them to view them, automatically switches to a page that looks EXACTLY like the normal Ebay "sign in" page. The only way to notice something is "not right" is if you look at the URL in the address bar. But chances are, you'll just enter your username and password, since Ebay is full of areas and options that require sign-in before using.
-
You think that's bad? It gets even WORSE.
There are listings now that after you click on them to view them, automatically switches to a page that looks EXACTLY like the normal Ebay "sign in" page. The only way to notice something is "not right" is if you look at the URL in the address bar. But chances are, you'll just enter your username and password, since Ebay is full of areas and options that require sign-in before using.
Thats it...time to change the password.
-
You think that's bad? It gets even WORSE.
There are listings now that after you click on them to view them, automatically switches to a page that looks EXACTLY like the normal Ebay "sign in" page. The only way to notice something is "not right" is if you look at the URL in the address bar. But chances are, you'll just enter your username and password, since Ebay is full of areas and options that require sign-in before using.
That sounds almost as likely to be a local browser worm, a .hosts redirect, or something similar on the local client. It would be much, much harder to hack into ebay and actually change their links.
-
That sounds almost as likely to be a local browser worm, a .hosts redirect, or something similar on the local client. It would be much, much harder to hack into ebay and actually change their links.
Enter: Vladuz into Google (nothing more, just that name) and see what the REAL story is. eBay HAS been hacked, they have full control inside their own servers. Of course eBay will never admit that.
-
Wow. Point made.
-
Here is a story on EWeek.com that was posted this last Monday. http://www.eweek.com/article2/0,1895,2100808,00.asp (http://www.eweek.com/article2/0,1895,2100808,00.asp) It talks about this issue, very interesting read.