eBay Phishers – New Angle

The latest batch of eBay phishing attacks is quite interesting.
Instead of pretending to be from eBay, they pretend to be from “Hilda”.
In a very nice bit of social engineering, Hilda informs you that she’s 87 years old and is trying to buy a wheelchair:
“Hello,
I recently placed a bid on item#5669378843 being a wheelchair for me that i really need do to my age(87 years old) and it seems that i can not find the auction anymore…May i please know if you are the seller of the item above?
Regards,
Hilda”

Of course, the “Respond Now” button takes you to a server in China that has nothing to do with eBay, where you will, of course, be prompted for your eBay login details.


By Michele Neylon

Michele is founder and CEO of Irish hosting provider and domain name registrar Blacknight.

6 comments

  1. All very well to highlight problems, what's the solution? How about, for those who do not know, give the details on how to check where the e-mail originated.

  2. Barry – I suppose the logical thing would be for me to provide a succinct explanation somewhere of how to check an email’s validity. I’ll see what I can put together.
    Thanks for your feedback.

  3. Solution: Disable HTML email on newbie's client OR tell newbie NEVER TO CLICK LINKS or “buttons” FOUND IN EMAILS.

  4. Disabling HTML email is not a very viable option, as many people are subscribed to legitimate newsletters etc., that use it.

  5. http://www.runningwithbulls.com/blog/2006/02/27/ebay-phishing-attempts-getting-smarter/
    I have seen one also. TBH, from a 1 second look at the mail heading, my first impression was it might be true. Of course, after thinking about it, I had not taken part in any eBay auction in months.
    Also, the “average” eBay user would not know that off-eBay contact from a seller is frowned on by eBay.
    What can be done to stop these phishing attempts… that's the hard part.
    Disabling HTML on e-mail is only one way, and not the best way, since the URL is still there. Clueless people will still do clueless things.
    Possibly the best way is for eBay to disable all e-mail information for users. This will then remove the “channel” these phishers use.
    Of course, finding a way to communicate to their users is then the problem.
    Maybe via an RSS feed, similar to the RSS feed Gmail provides?
    b.

  6. I have server-side phishing checks, but even without them the SPF checker plugin for Thunderbird flags the email clearly.
