
View Full Version : eBay email scam warnings! Pay Pal too!!!



cphilip
05-19-2003, 10:26 AM
There is a recent rash of emails asking you to verify your credit card account that LOOKS VERY LEGITIMATE. However, when you look at the link it asks for things like your PIN number and SSN. There is no reason to give those sorts of things out. So...DO NOT USE ANY LINKS to update your account information. Always log in direct to your account and do it that way if you think you need to.

Report these emails to eBay by forwarding them on with header displayed to [email protected]

SlipknotX556
05-19-2003, 02:35 PM
Thanks for the heads up phil.

cphilip
05-19-2003, 02:38 PM
No prollem...

As we know these happen often really but one of these latest ones is particularly well done...

cphilip
05-20-2003, 07:58 AM
Also be on the watch out for emails requesting Pay Pal verifications. It's also a scam from what I hear. I got one of these today also. Do not fill that link out. If you think you need to update anything then go sign into your account directly and do it. But most likely you do not need to change anything. Report these also to [email protected] as they own Pay Pal.

Nothing in either account cannot be accomplished from within the account itself. Links used in these emails appear legitimate but are not. Be careful. Do Not use any of them.

Note this at the bottom of any eBay communication.

eBay will not request personal data (password, credit card/bank numbers, and so on) in an email. Learn how to protect your account.


ANY EMAIL THAT TELLS YOU THAT YOU HAVE A PROBLEM AND NEED TO FIX IT BY VISITING THE LINK IS A SCARE SCAM. NEVER USE ANY LINK TO DO ANYTHING!!!!!!!!!

cphilip
05-20-2003, 08:25 AM
After reporting several of them yesterday I got this back from eBay (yea the real one!)

Here is one of the emails I received that I reported. This one has a very legitimate looking page link but it asks for information that should not be asked for. Check it out and see. It's very well done but... The information they ask for? That's what made me very suspicious and I checked into it first and found others also had gotten it. It's a scam. Trust your instincts on these. If they ask for PIN numbers and such things only you would really need they are up to something. In fact if they email you for anything be suspicious and only do things in your account by going directly there and logging in and doing it. Here is the email:

Recently we attempted to authorize payment from your credit card we have on file for you, but it was declined.

For security purposes, our system automatically removes credit card information from an account when there is a problem or the card expires.

Please resubmit the credit card, and provide us with new and complete information. To resubmit credit card information via our secure server, click the following link:

http://cgi3.ebay.com/aw-cgi/eBayISAPI.dll?SignIn
This is the quickest and easiest method of getting credit card information to us. Using the secure server will ensure that the credit card will be placed on account within 24 hours.



Copyright 1995-2003 eBay Inc.



All Rights Reserved. Designated trademarks and brands are the property of their respective



Here is eBay's reply to my reporting it, which contains some good advice:

Thank you for contacting eBay's Trust & Safety Department about an email you received from an address that includes '@ebay.com' but that may not be an authentic email from eBay. We will investigate this situation immediately.


Please be advised that there have been cases where people have attempted to gain access to an eBay member's personal information by sending "spoof" emails. Spoof emails intentionally give the false impression that they have been sent by eBay to solicit people to transmit their account information. Based on your inquiry to eBay's Trust and Safety Department, the email you received was likely a spoof.


eBay is very concerned about spoof email and is taking prompt action to address the issue. If you think you may have entered personal information into a spoof site, we advise you to review the information at the web address below, which contains more detailed information about the following steps:


http://pages.ebay.com/help/confidence/problems-identity-theft.html


1. Change your eBay password and email account password


Periodically changing your password is one of the most effective ways to maintain security on any Web site. If you think there is a possibility of a breach in your account security, we strongly suggest that you begin by changing your password.


2. Forward the email to [email protected]


If you haven't already done so, please forward a copy of the email, (which will include the full header), to [email protected]. Forwarding the email will help us investigate this matter more quickly. Please do not forward the email as an attachment or alter the subject line in any way. For more information on how to identify a header, please visit:


http://pages.ebay.com/help/basics/information.html


3. Protect your identity


If you entered information such as your social security number or credit
card numbers into a web site that you were directed to via a spoofed
email, you need to take immediate action to protect your identity. The
following web sites have valuable information on the steps you should
take to protect yourself:

eBay Help:
http://pages.ebay.com/help/confidence/problems-identity-theft.html
U.S. Government ID Theft Site:
http://www.consumer.gov/idtheft/victim.htm
BBB ID Theft Site:
http://www.newyork.bbb.org/identitytheft/newscams.html


As we move forward with our investigation, we will contact you if we need further information. In order to dedicate resources to investigating this type of situation, please submit any other questions or concerns through our Help System, which can be accessed by clicking on the Help button at the top of any eBay page.


*Please do not respond to this email as your reply will not be received. If you need to contact us again, please use the eBay Help system.


We appreciate your efforts in helping keep eBay a safe online marketplace.


Regards,

eBay Trust & Safety Team

cphilip
05-20-2003, 08:27 AM
After I signed into that to see what it was and looked and backed out, I immediately changed my passwords. On both my eBay and Pay Pal just in case....

Also from Pay Pal is this warning:

Note: When you log in to your PayPal account, be sure that the
website's URL always begins with "https://www.paypal.com/".
The "s" in "https" at the beginning of the URL means you are
logging into a secure page. If the URL does not begin with
https, you are not on a PayPal page.

cphilip
05-20-2003, 08:55 AM
You may also wish to read this article:

Washington Post article on online auction scams (http://www.washingtonpost.com/wp-dyn/articles/A37863-2003May10.html)

Tubby_Ninja
05-20-2003, 05:06 PM
Just curious:

How do they do that http://cgi.ebay.com thing, without going to one of Ebay's servers?

cphilip
05-20-2003, 06:29 PM
Well what they do is called Spoofing but I do not know technically how they do it. They somehow mask really what the address is. And somehow present to you the appearance it's that real address. Ask some of the geeks here how to do it. This latest one is really smooth and perfect. They told me today it was indeed a spoof. But it even had you log in and stuff. And that's where they get that much info even if you do not fall for and fill out the other information. If you go into one of these then back out and immediately change your password.

pbzmag
05-20-2003, 11:34 PM
There are a few types of spoofing. There are TCP, DNS, and web spoofing. Spoofing is not the actual attack but a step in the attack. I'm not too knowledgeable on spoofing but do read some things about it. Someone who is a network security specialist would have more knowledge. Here is a link (http://bau2.uibk.ac.at/matic/spoofing.htm) about spoofing.

Star_Base_CGI
05-25-2003, 03:40 PM
I just got one from "Pay Pal" it asks for your credit card and Pin number.

This one had a send button. You type everything in the mailer page and hit send and it relays it to the scammer site. I tried to type something like you've been busted by the FBI but it only accepts valid email identities.

Infection5
05-27-2003, 10:47 PM
yall can do it just like when you put a link in and then a different address. Example http://cgi.ebay.com (http://www.onlypaintball.com)
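A check for the mismatch described in the post above, written as an added example (not part of the original thread): it compares the host each link displays with the host its `href` really targets, and matches trusted domains on the parsed hostname rather than by substring. `TRUSTED_DOMAINS` and the sample mail body are assumptions constructed for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the domains the reader really holds accounts with.
TRUSTED_DOMAINS = ("ebay.com", "paypal.com")


def host_of(url):
    """Hostname a browser would connect to for this URL, or None."""
    url = url.strip()
    if "://" not in url:
        url = "http://" + url  # bare "www.ebay.com/..." style text
    try:
        return urlsplit(url).hostname
    except ValueError:
        return None


def is_trusted(host):
    """True for a trusted domain or a subdomain of it, never for a substring."""
    return bool(host) and any(
        host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> in an HTML mail body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def audit_links(html_body):
    """Return (text, href, verdict) per link; verdict is OK, UNTRUSTED or MISMATCH."""
    collector = LinkCollector()
    collector.feed(html_body)
    report = []
    for text, href in collector.links:
        verdict = "OK"
        if not is_trusted(host_of(href)):
            looks_like_url = text.lower().startswith(("http://", "https://", "www."))
            shown = host_of(text) if looks_like_url else None
            # Text naming a trusted host over a different target is the trick above.
            verdict = "MISMATCH" if is_trusted(shown) else "UNTRUSTED"
        report.append((text, href, verdict))
    return report


# Constructed sample body; the first link is the pair from the post above.
SAMPLE_BODY = """
<a href="http://www.onlypaintball.com">http://cgi.ebay.com</a>
<a href="http://billing.example.net/ebay.com/update">eBay Billing Center</a>
<a href="http://cgi.ebay.com/">Sign in</a>
"""
```

An `OK` verdict only says the link's target host sits under a trusted domain; it says nothing about who sent the mail.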

DCWnek14
05-29-2003, 11:51 PM
thanks for the heads up!

Jonno06
06-01-2003, 12:32 AM
im tired:(

Riotz
06-03-2003, 05:44 PM
There's one going around for Paypal too.

cphilip
06-05-2003, 12:42 PM
Yea I guess I should put that in the title too... Pay Pal also and I copied one of those up there somewhere...

Hexis
06-05-2003, 02:38 PM
Being an email abuse/spam fighting guy I would offer a reminder:

The From: and To: addresses in email mean literally nothing. Both the From: and To: headers are provided from the sending mail server, and there is no way to verify the data. You cannot trust either one.

The only thing you can trust is the information added to the Received headers by your own mail server.

If anyone wants more info about reading email headers PM me, I would be glad to help.
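The header check described in the post above, as an added example (not part of the original thread): it ignores From: and every relayed Received header, and reads only the topmost Received header, the one stamped by the reader's own server. `MY_MX`, the Postfix-style header layout and the sample message are assumptions constructed for the illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the host name your own inbound mail server stamps after "by".
MY_MX = "mx.example.org"

# Assumption: Postfix-style stamp "from HELO (RDNS [IP]) by HOST"; other
# mail servers lay this out differently.
HOP_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[0-9A-Fa-f.:]+)\]\)"
    r"\s+by\s+(?P<by>\S+)")


def trusted_hop(msg, my_mx=MY_MX):
    """Parse the topmost Received header, the one the final server prepended.

    Returns None unless it was stamped by my_mx. Every Received header
    below it arrived with the message and is as forgeable as From:.
    """
    received = msg.get_all("Received") or []
    match = HOP_RE.search(received[0]) if received else None
    if match is None or match.group("by").lower() != my_mx:
        return None
    return {k: match.group(k).lower() for k in ("helo", "rdns", "ip")}


def check_sender(raw_message, my_mx=MY_MX):
    """Compare the From: domain with what my_mx saw on the connection."""
    msg = message_from_string(raw_message)
    claimed = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    hop = trusted_hop(msg, my_mx)
    if hop is None:
        return claimed, None, "no-trusted-hop"
    rdns = hop["rdns"]
    backed = bool(claimed) and (rdns == claimed or rdns.endswith("." + claimed))
    return claimed, hop, "consistent" if backed else "from-not-backed"


# Constructed sample: From:, the HELO name and the lower Received header all
# say ebay.com, but the server's own stamp records a different host.
SAMPLE = """\
Received: from mail.ebay.com (dsl-7.isp.example.net [203.0.113.7])
    by mx.example.org (Postfix) with ESMTP id 4F2A1
    for <user@example.org>; Mon, 19 May 2003 10:20:03 -0400
Received: from smtp.ebay.com (smtp.ebay.com [192.0.2.1])
    by mail.ebay.com with ESMTP; Mon, 19 May 2003 10:19:58 -0400
From: "eBay" <billing@ebay.com>
To: user@example.org
Subject: Account verification

(body omitted)
"""

if __name__ == "__main__":
    print(check_sender(SAMPLE))
```

A `from-not-backed` result is a reason to look closer rather than proof of forgery, because legitimate senders also relay through third-party mail services.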

cphilip
06-16-2003, 08:11 AM
Got a new one today and it's somewhat similar to some of the others. AGAIN DO NOT USE ANY LINKS IT'S A SCAM!!!

Here is the new one:

Dear eBay customer

During the last time we have been re-writing our security policy
according to our database uppgrades. From now on you will have
to verify your account and your personal information and
confirm that you are the true holder of your account.

All information is kept confidential in accordance with
eBay/Paypals privacy policy, and all the data is protected
by the industry standard SSL encryption.

Click on the link below and follow the instructions:

www.ebay.com/PayPal&eBay/AccountVerification/


IMPORTANT:
Unless you do not verify your account it will be closed,
and you will have to re-register your membership.

cphilip
06-19-2003, 09:57 AM
One thing eBay is telling people is you most likely are getting these because your user name is your email address. You are recommended to change that to stop getting these Spoofs. I suppose that would go for your Pay Pal as well.

GhillieGuy
06-28-2003, 03:00 PM
damn p-pal emails, I've gotten a few of those in the last week and a load of ones from e-bay..

RSUAVE911
08-01-2003, 12:48 PM
thanks for the heads up

madmed
08-24-2003, 07:27 AM
Thanx for the heads up.

PyRo
08-29-2003, 06:04 PM
Look at this one, these guys need to take some basic grammar classes, and figure out how to make all those odd programming thingies work right.




var cbc; if (cbc) writeBrow();
home var cbc; if (cbc) { if ((ReadCookie("ebaysignin") == "in")||(ReadCookie("keepmesignin") == "in")) { } else document.write(" | register"); } var cbc; if (cbc) { if ((ReadCookie("ebaysignin") == "in")||(ReadCookie("keepmesignin") == "in")) document.write(' | sign out'); else document.write(' | sign in'); } | services | site map | help






Dear eBay Member,



We at eBay are sorry to inform you that we are having problems with the billing information of your account. We would appreciate it if you would visit our website [eBay Billing Center] and fill out the proper information that we are needing to keep you as an eBay member.

If you think you have received this email as an error, please visit our website and fill out the necessary information. That way we can make sure that everything is up to date! Again here is the link to our website. eBay Billing Center

***Please Do Not Reply To This E-Mail As You Will Not Receive A Response***

Thank you
Accounts Management

As outlined in our User Agreement, eBay will periodically send you information about site changes and enhancements. Visit our Privacy Policy and User Agreement if you have any questions.

Copyright 2003 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
eBay and the eBay logo are trademarks of eBay Inc







Announcements | Register | SafeHarbor (Rules & Safety) | Feedback Forum | About eBay

--------------------------------------------------------------------------------




Copyright © 1995-2003 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy.

rdb123
10-05-2003, 08:53 PM
Originally posted by Tubby_Ninja
Just curious:

How do they do that http://cgi.ebay.com thing, without going to one of Ebay's servers?

Uhhh, that is an actual eBay site. The "cgi" part is just a subdomain of ebay.com--meaning it is part of ebay itself.

Sorry, I know this thread is old, but you are scaring people off of real emails. ;) If I remember another thread on here stating that those were actually real, and that you just received them because ebay had trouble charging the seller's fee to whatever account info they have on file.

rdb123
10-24-2003, 07:00 PM
Originally posted by PyRo
Umm yeah, he is wrong. Don't listen to those e-mails.

Are you kidding me? In another thread a few months ago I think cphillip or someone said that they ended up being true.

You are aware that the cgi part in http://cgi.ebay.com is part of ebay itself? It's a subdomain. If you have any experience web-developing or whatnot, you would know that that is actually a page on ebay's servers.

That's like saying http://sports.yahoo.com is NOT part of Yahoo. :rolleyes:

rdb123
10-24-2003, 07:05 PM
If you still don't want to listen to me, try this:

1) Go to http://www.ebay.com

2) Look in the main content area for a section called Featured Items -- the words should be in a green box.

3) Place your cursor over one of the links to a featured item and leave it there.

4) Look in the status bar of Internet Explorer and look where that link will lead you to.

You see how it says http://cgi.ebay.com/yadayadayada ? Point proven.

PyRo
10-24-2003, 07:11 PM
What are you talking about? :)

rdb123
10-24-2003, 07:13 PM
PyRo: Hehehe. ;) I used to work for RazorFish, a web-development company a year or so ago. I've also done plenty of server maintenance for GameGlow when it was still hosting the www.diablo2.com site. Anyone getting those emails should actually listen to them as long as they have ebay.com somewhere in the URLs.

-Ron

magking1971
10-29-2003, 11:04 PM
I got one of these from "e-bay". I did not know if it was real or not so I sent it to e-bay and here is what I got back..
Hello,

Thank you for contacting eBay's Trust and Safety Department about email
solicitations that are falsely made to appear to have come from eBay.
These emails, commonly referred to as "spoof" messages, are sent in an
attempt to collect sensitive personal information from recipients who
reply to the message or click on a link to a Web page requesting this
information.

The email you reported did not originate from, nor is it endorsed by,
eBay. We are very concerned about this problem and are working
diligently to address the situation. We are currently investigating the
source of this email to take further action. You may rest assured that
your account standing has not changed and that your listings have not
been affected.

We advise you to be very cautious of email messages that ask you to
submit information such as your credit card number or your email
password. eBay will never ask you for sensitive personal information
such as passwords, bank account or credit card numbers, Personal
Identification Numbers (PINs), or Social Security numbers in an email
itself. If you ever need to provide information to eBay please open a
new Web browser, type www.ebay.com, and click on the "site map" link
located at the top the page to access the eBay page you need.

If you have any doubt about whether an email message is from eBay,
please forward it immediately to [email protected] and do not respond to it
or click on any of the links in the email message. Please do not change
the subject line or forward the email as an attachment.
.
.
So THANKS cphilip!!!!!

rdb123
10-30-2003, 04:22 PM
That message you got back is automated...you could send a perfectly authentic letter and you will still get that back.

This thread will probably cause more problems than it will solve. :rolleyes:

Rob218
11-26-2003, 02:29 PM
Hey everyone there's another one going around as well. It's normally an email from something called PayPal.com or something near it. In the email itself it tells you to download the attachment (MiMail.[insertletter here]) and fill out the form or else your account will be deleted. The MiMail.A-Z is just many different forms of the same worm. The worm takes all the information, sends it to the worm creator through an FTP client, and badabingbadaboo the creator has a new account.

Check out this site here:

http://www.pandasoftware.com/virus_info/

It's one of the leading anti-virus software producers in the world. They have an online scanner floating around there too. It IS SAFE. I've used it.

acepaintbller
11-30-2003, 04:05 PM
That's why I don't have ebay e-mail

hockaloogey
12-13-2003, 04:21 PM
i saw something about that - i don't care

Rob218
12-13-2003, 05:50 PM
Thanks for the useless spam.

The MiMail worm now goes through something like P now so there's a good 16 versions of the worm out.

rdb123
12-13-2003, 09:10 PM
Originally posted by hockaloogey
i saw something about that - i don't care

Great, no one cares.

Cryer
03-12-2004, 07:32 PM
I had one today where the subject read "you are dissmised"

Trigger_Happy
03-14-2004, 01:38 AM
I got one of these from Paypal about 3 weeks ago, and one from Ebay about two weeks after that. They look legit. I went so far as to click the link in the paypal email and only stopped short when I saw the level of information I was being asked for.

I logged in via a new browser and my account was not frozen as the email had claimed! I emailed paypal and reported it, and just now I got a general note from them saying that I "may be at risk for some spoof mail". Apparently somebody hacked into their system and got names, emails, and addresses. They claim that financial data is safe and all, but I'll be keeping a close eye on my bank statement :rolleyes:

DukeNukem#1
03-22-2004, 09:26 AM
I get these all the time. I get paypal ones about 3 times a week. It is extremely frustrating to say the least, because I feel that I always need to manually go to my paypal account (manually, not by their links) - just to verify that everything is okay.

PyRo
03-25-2004, 10:16 AM
I just forward all the ebay ones I get, usually about 10 a week to [email protected]. The paypal ones I just ignore, about 4 a week. I used to have my e-mail address for my ebay name, that's probably why I get so many.

Jack & Coke
04-02-2004, 05:28 PM
whoo hoo...

I just got my first spoof email.

Now I can join the "club" ;)

http://www.imageshack.us/img2/7808/emailscam1.jpg

look real huh? ;)

I also got this reply from www.paypal.com



Thank you for contacting PayPal.

Thank you for bringing this suspicious email to our attention. We can
confirm that the email you received; was not sent to you by PayPal. The
website linked to this email is not a registered URL authorized or used
by PayPal. We are currently investigating this incident fully. Please do
not enter any personal or financial information into this website.

If you have surrendered any personal or financial information to this
fraudulent website, you should immediately log into your PayPal Account
and change your password and secret question and answer information. Any
compromised financial information should be reported to the appropriate
parties.

If you notice any unauthorized activity associated with your PayPal
transaction history, please immediately report this to PayPal by
following the instructions below:

1. Go to https://www.paypal.com/
2. Click on the Security Center at the bottom of the page
3. Click on "Report a Problem"
4. Select the Topic: Report Fraud
5. Select the Subtopic: Unauthorized use of my PayPal Account, and
click Continue.
6. Follow the instructions to access the appropriate form

If you have any further questions, please let us know.

Sincerely,

The PayPal Team

Annihilator44
04-11-2004, 09:18 PM
Ya...I just got 2 from ebay and 2 from paypal in 2 days...lol even though I knew they wouldn't say anything back. I replied and said STFU YOU F'KIN SCAMMERS =/ just got a little pissed. How I always check is if they address you "Dear Paypal user" or w/e it's a scam. Paypal always addresses you with your name. Also when u scroll over the link where it says log in make sure there is a "s" in the "http" so..."https" even if the initial link has "https" make sure to scroll over it. They tried that on me. Of course I can't be fooled :D .

P.S. I'm sure you all know about this, but might as well say it =/

1ofkind
08-05-2004, 07:45 PM
Gee, thanks man I'll keep my eye out :) :cheers: