 The Clarinet BBoard
|
Author: sfalexi
Date: 2005-01-22 21:14
Mark/GBK, if this can't stay here, I understand, but I think it's information we all can benefit from in case it happens in the future.
I received an email stating that my "eBay account has been recently compromised and it could be used by a third party without your authorization." It provides a link to sign in, however the only thing that is keeping me wary from doing so is that the link starts with http:// instead of https:// (which is the difference between a secured site or not). I compared the site with the signin that I get when I go to ebay.com, and they are identical in every way except for the lack of an "s" in the address bar, the lock is gone in my browser (which indicates a secure sight), and it doesn't say "SSL Encrypted" in the lower left of my status bar in my browser.
Am I correct in assuming that this is probably a scam to try to get me to reveal my ebay name/password to someone? Is there another way to check? It says my account will be shut down in 72 hours if I don't verify by signing in.
Thanks to those who are more knowledgeable than me in the ways of the net and hopefully this will help others learn something.
Alexi
US Army Japan Band
|
|
Reply To Message
|
|
Author: Brenda Siewert
Date: 2005-01-22 21:21
Alexi,
Whatever you do DO NOT respond to this email. Delete it from your files immediately. This is a scam to get your personal information and to ruin your eBay account. My husband opened it and filled it partially out and it has messed up his computer and he is not able to use his eBay account. Ebay never asks for this kind of information.
Do a search for eBAy fraud on this bboard and you'll see it's been sent to many, many of us on this board.
|
|
Reply To Message
|
|
Author: sfalexi
Date: 2005-01-22 21:22
Thank you Brenda. Deleting it immediately . . .
Alexi
US Army Japan Band
|
|
Reply To Message
|
|
Author: Mark Charette
Date: 2005-01-22 21:28
Never, ever, ever, ever click on a link in an email or a "foreign" (not the company's) link on a webpage to go to any page that would have you disclose ANY personal data. That web address not only didn't have https, it didn't even send you to the right site! You have to look at the page source AND have a good eye to discern the difference!
Go to the web site by typing in the address. Even bookmarks can be compromised - you have to be VERY careful!
|
|
Reply To Message
|
|
Author: John Stackpole
Date: 2005-01-22 21:57
The style of scam is called "phishing" and is quite popular.... (I guess it works all too well.)
I get such notices from banks all the time, banks at which I do not even have an account. (That is a bit of a giveaway that somet'in ain't right.)
JDS
|
|
Reply To Message
|
|
Author: LeWhite
Date: 2005-01-22 23:06
On this note, a few days ago I received an email which had obviously been phished from this site. It reads as follows:
Dear LeWhite,
I do not want you to be surprise how I come about your contact, it is through my private search.
My name is Egonsu Sharon ; I am from SERRIA LEONE, and son of prominent government official.
[ Don't need the whole thing ... there's so many of there that there's even a name for them: The Nigerian or 419 scam. Mark C. ]
FWIW, this is the ONLY web site/forum I use 'LeWhite' on.
__________________
Don't hate me because I play Leblanc! ![[down]](http://test.woodwind.org/clarinet/BBoard/smileys/smiley23.gif) Buffet
|
|
Reply To Message
|
|
Author: Mark Charette
Date: 2005-01-22 23:10
LeWhite wrote:
> On this note, a few days ago I received an email which had
> obviously been phished from this site. It reads as follows:
Wrong term. Phishing is making a page (or sending an email) that appears to be legitimate but is only a copy of the real page. Most links within the page will direct you to the official site; the ones asking for personal info will be to the bogus site.
The right term is "scraped".
|
|
Reply To Message
|
|
Author: EEBaum
Date: 2005-01-23 00:10
I get dozens of these daily. Ignore them. If you really suspect there actually might be something wrong with any account on any website, visit the page manually (e.g. type www.ebay.com into a new browser window) and check your account from there.
Related to our recent discussion on browsers, some browsers (e.g. Opera, which I use) will put the address of any link you move the mouse over into the status bar. Unlike IE, though, Opera's can't be spoofed (at least not in my experience), so you always know where the link truly goes.
LeWhite, go to 419eater.com for the delightful results of some people who have scammed the scammers (see the Trophy Room).
-Alex
www.mostlydifferent.com
|
|
Reply To Message
|
|
Author: David Stringer
Date: 2005-01-23 01:44
Alexi,
I have noticed a refinement to the technique recently. The link shows https:// but when you mouse-over it, the address displayed at the bottom of the browser is something else like 212.001.002.003/badplace.
In other words, the link name is https://etc , but the actual link is something else... like "click here" can be a link to www.legitsite.com
So don't go by the 's' on the end of the protocol, either.
David
David
|
|
Reply To Message
|
|
Author: Mark Charette
Date: 2005-01-23 01:50
This is an illegitimate link that looks legal if you're not careful:
http://www.woodwind.org
And even if you are careful - it still looks legit, right?
It's awfully easy to spoof a browser (even spoofing the status bar on firefox) without any special or secret codes being used. If this was an email I could spoof pretty much any browser.
|
|
Reply To Message
|
|
Author: sfalexi
Date: 2005-01-23 01:54
Thank you for the heads up David. I may/may not have caught it, but now I know to make sure to LOOK.
I'm glad I didn't type in my info. And hopefully others are learning what to watch out for in this thread.
US Army Japan Band
|
|
Reply To Message
|
|
Author: Mark Charette
Date: 2005-01-23 05:08
clarnibass wrote:
> Mark that link comes up black. Is this how it is supposed to
> be?
It looks as if it'll take you to www.woodwind.org but it really doesn't - it tries to connect to a non-existent site. I could have made it go anywhere.
|
|
Reply To Message
|
|
Author: sfalexi
Date: 2005-01-23 05:10
That link is an example of how a link can SAY something (in this case it says www.woodwind.org) but actually redirect you somewhere else (in this case to a blank page)
US Army Japan Band
|
|
Reply To Message
|
|
Author: LeWhite
Date: 2005-01-23 05:28
Thanks EEBaum, great site, I'm really enjoying the stories of scamming the scammers...
__________________
Don't hate me because I play Leblanc! Buffet
|
|
Reply To Message
|
|
Author: Aussiegirl
Date: 2005-01-23 08:26
LeWhite, i got the same email, adressed to me as AussieGirl.
How weird!
|
|
Reply To Message
|
|
Author: emylooa
Date: 2005-01-23 17:06
I thought Ebay had a spoof reporting site called spoof@ebay.com?? I think they have this reporting area and so does paypal have something similar. Its been awhile since I had one, but when you get these suspicious emails, ebay would like to have them, so they have you forward them to this spoof address or something similar. Check it out in their rules and conditions. Its written in them someplace...
Thanks,
Emy
|
|
Reply To Message
|
|
Author: LeWhite
Date: 2005-01-23 21:45
Heya Aussiegirl
Yeah this particular email was obviously targeting aussies. Hopefully no-one will fall for this - we're not that gullable, right!
__________________
Don't hate me because I play Leblanc! Buffet
|
|
Reply To Message
|
|
Author: Aussiegirl
Date: 2005-01-30 07:25
Yeah, i read about half and went what the, then deleted it. Hope nobody else actually believed it!
|
|
Reply To Message
|
|
Author: forstc
Date: 2005-01-30 20:45
LeWhite - Like scamming the scammers? Have you visited http://www.bustedupcowgirl.com/scampage.html - if not, take a peek- but get ready to laugh your head off!
Post Edited (2005-01-31 00:04)
|
|
Reply To Message
|
|
The Clarinet Pages
|
 |
.jpg){kind=small}
.jpg){kind=small}
.jpg){kind=small}
.jpg){kind=small}
.jpg){kind=small}
.jpg){kind=small}
