eBay Phishing

We want to warn you of a phishing message we’ve detected in circulation affecting eBay members with the purpose to get their credentials.

The message seems to have been sent by “eBay” and uses the same logo and appearance as the original one to trick users and make them think it’s trustworthy:

ebay_img1

Something that has attracted my attention is when it says that your name is not displayed to protect you from spam, don’t you think it’s a little bit ironic?

The global message is clear and menacing: If you don’t log in your account now, it will be suspended.

But if you read the message carefully, you’ll probably notice that it doesn’t make much sense. You don’t really know what it is about.

For example, nearly at the end it says: “…your account will be suspended for a period of 3-4 days, after that it will be again operational Sunday, 16, June, 2010”

Umh, these are going to be the longest 3-4 days of your lives… and you’ll be surprised when you look at your calendar and discover that 16th June 2010 is not Sunday but Wednesday!

So, when you receive a message like this, it’s very important not to panic in spite of reading things like “your account will be suspended…” because it’s likely to be false.

But, what happens if I have trusted the message?

If you click the link included in the message, you’ll be redirected to a very similar website to eBay’s:

ebay_img2

But if you look at the web address, you’ll see that it doesn’t belong to the official eBay website:

ebay_img5

Don’t worry because you have not been phished yet.

If you haven’t noticed this detail and have entered your credentials, you won’t be logged in as you would expected.

You’ll be informed that you have to confirm your identity because someone is trying to access your account at the same time. That’s why you’ll be required additional information like the security question and answer, phone number and date of birth:

ebay_img3

Once you enter this, the process will be finished and a message thanking you for your collaboration will be displayed:

ebay_img4

You’ll see another ironic message in this page: “We want to keep eBay a safe place to buy and sell”.

Unfortunately, it won’t be a safe place for you anymore knowing that someone has your credentials. But the solution is easy: change the password of your eBay account and that’s it!

Related News

2 Responses

Leave a Reply
  1. Hettie Brittz
    Mar 09, 2010 - 10:35 PM

    Our webhost, Digiserv, terminated our website without warning due to alleged complaints that we “pretended to be eBay”. Since we do not operate with a Merchant account or any credit card facilities, this is simply ludicrous. We aren’t even setup for international transactions!
    We have, to no avail, tried to determine the source of this allegation. Do you have a record of such an allegation, and could you perhaps Help us determine where the problem appeared? According to Digeserv, you (eBay) threatened with legal action unless Digiserv terminated our sight. There must have been grounds for this?
    Looking forward to hearing from you soon, as we are desperate to continue our online counselling to parents and to keep doing our job in presenting parenting Courses across South Africa. Our 100 trained facilitators depend ons this site, which has simply been shut down!

    Regards and wishes for a great day!
    Hettie Brittz
    Evergreen Parenting Cc

    Reply
    • Luis Corrons
      Mar 10, 2010 - 08:05 AM

      Probably someone broke into your web and uploaded some eBay phishing pages. You should check the server, delete all the files, change passwords, apply patches and talk to your webhost.

      Regards,
      Luis

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

COPYRIGHT 2014 PANDA SECURITY