Page 1 of 2 12 LastLast
Results 1 to 30 of 42

Thread: eBay email scam warnings! Pay Pal too!!!

  1. #1
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216

    eBay email scam warnings!

    There is a recent rash of emails asking you to verify your credit card account that LOOKS VERY LEGITIMATE. However, when you look at the link it asks for things like your PIN number and SSN. There is no reason to give those sorts of things out. So...DO NOT USE ANY LINKS to update your account information. Allways log in direct to your account and do it that way if you think you need to.

    Report these emails to eBay by forwarding them on with header displayed to spoof@ebay.com


    AGD, where we are so good we can do it with only ONE tube!

    cphilip.com

  2. #2

  3. #3
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216
    No prollem...

    As we know these happen often realy but one of these latest ones is particularly well done...

  4. #4
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216
    Also be on the watch out for emails requestiong Pay Pal verifications. It's also a scam from what I hear. I go tone of these today also. Do not fill that link out. If you think you need to update anything then go sign into your account directly and do it. But most likely you do not need to change anything. Report these also to spoof@ebay.com as they own Pay Pal.

    Nothing in either account cannot be accomplished from within the account itself. Links used in these emails appear legitimate but are not. Be carefull. Do Not use any of them.

    Note this at the bottom of any eBay communication.

    eBay will not request personal data (password, credit card/bank numbers, and so on) in an email. Learn how to protect your account.


    ANY EMAIL THAT TELLS YOU THAT YOU HAVE A PROBLEM AND NEED TO FIX IT BY VISITING THE LINK IS A SCARE SCAM. NEVER USE ANY LINK TO DO ANYTHING!!!!!!!!!
    Last edited by cphilip; 05-20-2003 at 08:55 AM.

  5. #5
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216
    After reporting several of them yesterday I got this back from eBay (yea the real one!)

    Here is one of the emails I recieved that I reported. This one has a very legitimate looking page link but it asks for information that should not be asked for. Check it out and see. Its very well done but... The information they ask for? Thats what made me very suspicious and I checked into it first and found others also had gotten it. It's a scam. Trust your instincts on these. If they ask for PIN numbers and such things only you would realy need they are up to something In fact if they email you for anything be suspicious and only do things in your account by going directly there and loggin in and doing it. Here is the email:

    Recently we attempted to authorize payment from your credit card we have on file for you, but it was declined.

    For security purposes, our system automatically removes credit card information from an account when there is a problem or the card expires.

    Please resubmit the credit card, and provide us with new and complete information. To resubmit credit card information via our secure server, click the following link:

    http://cgi3.ebay.com/aw-cgi/eBayISAPI.dll?SignIn
    This is the quickest and easiest method of getting credit card information to us. Using the secure server will ensure that the credit card will be placed on account within 24 hours.



    Copyright 1995-2003 eBay Inc.



    All Rights Reserved. Designated trademarks and brands are the property of their respective



    Here is eBays reply to my reporting it, which contains some good advice:

    Thank you for contacting eBay's Trust & Safety Department about an email you received from an address that includes '@ebay.com' but that may not be an authentic email from eBay. We will investigate this situation
    immediately.


    Please be advised that there have been cases where people have attempted to gain access to an eBay member's personal information by sending "spoof" emails. Spoof emails intentionally give the false impression that they have been sent by eBay to solicit people to transmit their account information. Based on your inquiry to eBay's Trust and Safety Department, the email you received was likely a spoof.


    eBay is very concerned about spoof email and is taking prompt action to address the issue. If you think you may have entered personal information into a spoof site, we advise you to review the information at the web address below, which contains more detailed information about
    the following steps:


    http://pages.ebay.com/help/confidenc...ity-theft.html


    1. Change your eBay password and email account password


    Periodically changing your password is one of the most effective ways to maintain security on any Web site. If you think there is a possibility of a breach in your account security, we strongly suggest that you begin by changing your password.


    2. Forward the email to Spoof@ebay.com


    If you haven't already done so, please forward a copy of the email, (which will include the full header), to spoof@ebay.com. Forwarding the email will help us investigate this matter more quickly. Please do not
    forward the email as an attachment or alter the subject line in any way. For more information on how to identify a header, please visit:


    http://pages.ebay.com/help/basics/information.html


    3. Protect your identity


    If you entered information such as your social security number or credit
    card numbers into a web site that you were directed to via a spoofed
    email, you need to take immediate action to protect your identity. The
    following web sites have valuable information on the steps you should
    take to protect yourself:

    eBay Help:
    http://pages.ebay.com/help/confidenc...ity-theft.html
    U.S. Government ID Theft Site:
    http://www.consumer.gov/idtheft/victim.htm
    BBB ID Theft Site:
    http://www.newyork.bbb.org/identitytheft/newscams.html


    As we move forward with our investigation, we will contact you if we need further information. In order to dedicate resources to investigating this type of situation, please submit any other questions or concerns through our Help System, which can be accessed by clicking on the Help button at the top of any eBay page.


    *Please do not respond to this email as your reply will not be received. If you need to contact us again, please use the eBay Help system.


    We appreciate your efforts in helping keep eBay a safe online marketplace.


    Regards,

    eBay Trust & Safety Team

  6. #6
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216
    After I signed into that to see what it was and looked and backed out, I immediately changed my passwords. On both my eBay and Pay Pal just in case....

    Also from Pay Pal is this warning:

    Note: When you log in to your PayPal account, be sure that the
    website's URL always begins with "https://www.paypal.com/".
    The "s" in "https" at the beginning of the URL means you are
    logging into a secure page. If the URL does not begin with
    https, you are not on a PayPal page.
    Last edited by cphilip; 05-20-2003 at 08:43 AM.

  7. #7
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216
    You may also wish to read this article:

    WAshington Post article on online auction scams

  8. #8
    Join Date
    Aug 2001
    Location
    Portland, Oregon
    Posts
    235
    Just curious:

    How do they do that http://cgi.ebay.com thing, without going to one of Ebay's servers?

  9. #9
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216
    Well what they do is called Spoofing but I do not know technicaly how they do it. They somehow mask realy what the address is. And somehow present to you the appearance its that real address. Ask some of the geeks here how to do it. This latest one is realy smooth and perfect. They told me today it was indeed a spoof. But it even had you log in and stuff. And thats where they get that much info even if you do not fall for and fill out the other information. If you go into one of these then back out and immediately change your password.

  10. #10
    Join Date
    Feb 2002
    Location
    Chino
    Posts
    1,469
    There are a few types of spoofing. There are TCP, DNS, and web spoofing. Spoofing is not the acctual attack but a step in the attack. I'm not to knowledgable on spoofing but do read some things about it. Someone who is a network security specialist would have more knowledge. Here is a link about spoofing.

  11. #11
    Join Date
    Dec 2002
    Location
    NCC 1701 Command Bridge
    Posts
    778
    I just got one from "Pay Pal" it asks for your credit card and Pin number.

    This one had a send button. You type everything in the mailer page and hit send and it relays it to a the scammer site. I tried to type something LIke youve been busted by the FBI but it only accepts valid email Identitys.
    All your farm animals are belong to us.

  12. #12
    Join Date
    May 2003
    Location
    Chattanooga,TN
    Posts
    165
    yall can do it just like when you put link in and then a differnt address. Example http://cgi.ebay.com
    www.theangelguy.com
    For all your Angel Needs

  13. #13
    Join Date
    Mar 2002
    Location
    New Jersey
    Posts
    32
    thanks for the heads up!

  14. #14
    Join Date
    Jan 2002
    Location
    Madeira Beach,FL wo0t wo0t
    Posts
    4,392
    im tired

  15. #15
    Riotz Guest
    There's one going around for Paypal too.

  16. #16
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216
    Yea I guess I should put that in the title too... Pay Pal also and I copied one of those up there somewhere...

  17. #17
    Join Date
    Sep 2001
    Location
    Minneapolis, MN
    Posts
    2,427
    Being an email abuse/spam fighting guy I would offer a reminder:

    The From: and To: addresses in email mean literally nothing. Both the From: and To: headers are provided from the sending mail server, and there is no way to verify the data. You can not trust either one.

    The only thing you can truse is the information added to the recieved headers by your own mail server.

    If anyone wants more info about reading email headers PM me, I would be glad to help.

  18. #18
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216
    Got a new one today and its somewhat similar to some of the others. AGAIN DO NOT USE ANY LINKS IT A SCAM!!!

    Here is the new one:

    Dear eBay customer

    During the last time we have been re-writing our security policy
    according to our database uppgrades. From now on you will have
    to verify your account and your personal information and
    confirm that you are the true holder of your account.

    All information is kept confidential in accordance with
    eBay/Paypals privacy policy, and all the data is protected
    by the industry standard SSL encryption.

    Click on the link below and follow the instructions:

    www.ebay.com/PayPal&eBay/AccountVerification/


    IMPORTANT:
    Unless you do not verify your account it will be closed,
    and you will have to re-register your membership.

  19. #19
    Join Date
    Jan 1970
    Location
    "The SC" (South Carolina)
    Posts
    16,216
    One thing eBay is telling people is you most likely are getting these because your user name is your email address. You are recomended to change that to stop getting these Spoofs. I suppose that would go for your Pay Pal as well.

  20. #20
    Join Date
    Jan 2003
    Location
    Quartz Hill
    Posts
    1,647
    damn p-pal emails, iv'e gotten a few of those in the last week and a load of ones from e-bay..
    Sig over 50k

  21. #21
    Join Date
    Nov 2001
    Location
    BlaZed in Jersey
    Posts
    395
    thanks for the heads up
    ---------------------------------------
    "Man this yoohoo is good, you know what else is good, smokin dope."

    [IMG] C:\My Documents\My Pictures\badassbuddy_com-liljon.gif[/IMG]

  22. #22
    Join Date
    Aug 2003
    Location
    Korea atm
    Posts
    9
    Thanx for the heads up.
    Praise the Lord and pass the ammo

  23. #23
    Join Date
    Dec 2000
    Location
    Oneonta NY & Long Island (Glen Cove) :)
    Posts
    10,187
    Look at this one, these guys need to take some basic grammar classes, and figure out how to make all those odd programming thingies work right.




    var cbc; if (cbc) writeBrow();
    home var cbc; if (cbc) { if ((ReadCookie("ebaysignin") == "in")||(ReadCookie("keepmesignin") == "in")) { } else document.write(" | register"); } var cbc; if (cbc) { if ((ReadCookie("ebaysignin") == "in")||(ReadCookie("keepmesignin") == "in")) document.write(' | sign out'); else document.write(' | sign in'); } | services | site map | help






    Dear eBay Member,



    We at eBay are sorry to inform you that we are having problems with the billing information of your account. We would appreciate it if you would visit our website [eBay Billing Center] and fill out the proper information that we are needing to keep you as an eBay member.

    If you think you have received this email as an error, please visit our website and fill out the necessary information. That way we can make sure that everything is up to date! Again here is the link to our website. eBay Billing Center

    ***Please Do Not Reply To This E-Mail As You Will Not Receive A Response***

    Thank you
    Accounts Management

    As outlined in our User Agreement, eBay will periodically send you information about site changes and enhancements. Visit our Privacy Policy and User Agreement if you have any questions.

    Copyright 2003 eBay Inc. All Rights Reserved.
    Designated trademarks and brands are the property of their respective owners.
    eBay and the eBay logo are trademarks of eBay Inc







    Announcements | Register | SafeHarbor (Rules & Safety) | Feedback Forum | About eBay

    --------------------------------------------------------------------------------




    Copyright © 1995-2003 eBay Inc. All Rights Reserved.
    Designated trademarks and brands are the property of their respective owners.
    Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy.

  24. #24
    Originally posted by Tubby_Ninja
    Just curious:

    How do they do that http://cgi.ebay.com thing, without going to one of Ebay's servers?
    Uhhh, that is an actual eBay site. The "cgi" part is just a subdomain of ebay.com--meaning it is part of ebay itself.

    Sorry, I know this thread is old, but you are scaring people off of real emails. If I remember another thread on here stating that those were actually real, and that you just received them because ebay had trouble charging the seller's fee to whatever account info they have on file.
    Pewter SFL E-Mag #EM01569
    Pewter Shocktech Intimidator


    My Trading Feedback

    Extraordinary Traders:
    Johnny Bravo

    Good Traders:
    fcpchop, Xerces, Piccolo, hawpunch, Boble86, NCpaintballer, Chupas2, shrapnel, gump1119, Methos, PunkOff, TheFlamingKoosh, RogueFactor, Jonesie

  25. #25
    Originally posted by PyRo
    Umm yeah, he is wrong. Don't listen to those e-mails.
    Are you kidding me? In another thread a few months ago I think cphillip or someone said that they ended up being true.

    You are aware that the cgi part in http://cgi.ebay.com is part of ebay itself? It's a subdomain. If you have any experience web-developing or whatnot, you would know that that is actually a page on ebay's servers.

    That's like saying http://sports.yahoo.com is NOT part of Yahoo.

  26. #26
    If you still don't want to listen to me, try this:

    1) Goto http://www.ebay.com

    2) Look in the main content area for a section called Featured Items -- the words should be in a green box.

    3) Place your cursor over one of the links to a featured item and leave it there.

    4) Look in the status bar of Internet Explorer and look where that link will lead you to.

    You see how it says http://cgi.ebay.com/yadayadayada ? Point proven.

  27. #27
    Join Date
    Dec 2000
    Location
    Oneonta NY & Long Island (Glen Cove) :)
    Posts
    10,187
    What are you talking about?

  28. #28
    PyRo: Hehehe. I used to work for RazorFish, a web-development company a year or so ago. I've also done plenty of server maintenance for GameGlow when it was still hosting the www.diablo2.com site. Anyone getting those emails should actually listen to them as long as they have ebay.com somewhere in the URLs.

    -Ron

  29. #29
    Join Date
    May 2001
    Location
    ELK, WA
    Posts
    1,089
    I got one these from "e-bay" I did not know if it was real or not so I sent it to e-bay and here is what I got back..
    Hello,

    Thank you for contacting eBay's Trust and Safety Department about email
    solicitations that are falsely made to appear to have come from eBay.
    These emails, commonly referred to as "spoof" messages, are sent in an
    attempt to collect sensitive personal information from recipients who
    reply to the message or click on a link to a Web page requesting this
    information.

    The email you reported did not originate from, nor is it endorsed by,
    eBay. We are very concerned about this problem and are working
    diligently to address the situation. We are currently investigating the
    source of this email to take further action. You may rest assured that
    your account standing has not changed and that your listings have not
    been affected.

    We advise you to be very cautious of email messages that ask you to
    submit information such as your credit card number or your email
    password. eBay will never ask you for sensitive personal information
    such as passwords, bank account or credit card numbers, Personal
    Identification Numbers (PINs), or Social Security numbers in an email
    itself. If you ever need to provide information to eBay please open a
    new Web browser, type www.ebay.com, and click on the "site map" link
    located at the top the page to access the eBay page you need.

    If you have any doubt about whether an email message is from eBay,
    please forward it immediately to spoof@ebay.com and do not respond to
    it
    or click on any of the links in the email message. Please do not change
    the subject line or forward the email as an attachment.
    .
    .
    So THANKS cphilip!!!!!

  30. #30
    That message you got back is automated...you could send a perfectly authentic letter and you will still get that back.

    This thread will probably cause more problems than it will solve.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •