Ebay users WARNING

Page may contain affiliate links. Please see terms for details.
R

rirhill

Active Member
Joined
Dec 29, 2002
Messages
467
Location
Yorkshire Dales
Car
Mercedes E350 CDI Estate
Hi There
I keep getting spook emails claiming to be Ebay. Please be very careful as it very convincing. Please see the spook URL below:
http://61.220.179.174/ws2/eBayISAPI.dll/SignInssPageName/eBaySignIn.htm

Which then goes on to ask for your credit card details. I have already had my password hacked into with some low life selling mobiles on my account. Ebay were very good and refunded the charges.
I would change your password every week to be on the safe side.
Be safe

Cheers
Ian
 
I keep getting this:-
complete with ebay logos etc etc



This email was sent by an eBay member via eBay's email forwarding system. If you reply to the email, your response will go directly to the member and not through eBay.

Message From eBay Member


If this email is an offer to directly sell you an item without bidding on and winning the item on eBay, please report it to us immediately and do not respond. An offer to sell an item directly to another eBay member through email violates eBay rules. It is also extremely unsafe to purchase an item through this email system regardless of the seller's claims or feedback, as you lose the benefit of eBay's purchase protection programs and risk losing your money.

Never pay for your eBay item through instant cash transfer services such as Western Union or MoneyGram. Such services offer Internet shoppers no protection against fraud.



Dear *email address*

Hello rosemary, Thanks for the email. I have made payment through PayPal & I am sure that PayPal has notified you of this fact. Thankyou for your very efficient and efficient help and for the splendid items that you had for sale. Regards, jean

Please respond to the question on eBay by clicking the button below.




Thank you,
khosrow





--------------------------------------------------------------------------------

eBay treats your personal information with the utmost care, and our Privacy Policy is designed to protect you and your information. eBay will never ask their users for personal information, such as bank account numbers, credit card numbers, pin numbers, passwords, or Social Security numbers in an email. For more information on how to protect your eBay password and your account, please visit User Account Protection.

This eBay notice was sent to *email* based on your eBay account preferences and in accordance with our Privacy Policy. To change your notification preferences, click here. If you would like to receive this email in text format, click here.

Copyright Ac 2004 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
eBay and the eBay logo are trademarks of eBay Inc.
 
This is the one I got today

"Dear eBay user ,

We have ended the following auction(s) on your account as they appear to
have been listed by a third party without your authorization:

2486194040 Harley-Davidson : VRSC : VRSCA
2486164312 Harley-Davidson : Touring : Touring FLH
2485662048 Volkswagen : Beetle (Pre-1998)

In order to resolve this matter , please click here to verify your account information :

http://signin.ebay.com/aw-cgi/eBayISAPI.dll?ItemsCancelation&ss=h:h:sin:US

Do not respond to this email, as your reply will not be received. If
you would like additional information related to this notice, please
refer to the eBay Contact Customer Support page at the address provided
below and contact us with your concern:

http://pages.ebay.com/help/contact_inline/index.html

Thank you for your patience in this matter. Regards, Customer Support (Trust and Safety Department) eBay Inc "


Beware.
Cheers
Ian
 
I have also got them saying that I have changed my password. Again it gives a link which ends up with an IP address in it.

Cheers
Ian
 
hmmm - time to change your ID and password i guess - how the hell do ebay tell that it wasnt you if they have your login details? clever sods..
 
Hi all, I often get 'spoof' (thats spoof not spook :D ) emails too, heres what to do

(As per ebays advice)
send all suspicious emails direct to ebay by using the FORWARD option in your email programme to [email protected]

You will get an automated response followed by a slightly more personal one confirming that it did NOT originate from ebay
 
Guy
No this is the spook email. I checked my account and they had not used my account this time.

Cheek of it
Ian
 
A quick word of advice. Sellers/buyers do this too (fake paypal payment confirmation slips. etc). So whenever you get an email from ebay, paypal, ur bank, etc; OPEN A NEW WINDOW! A nice, clean fresh internet explorer, mozilla firefox or whatever browser you use and type in the base URL of the site. EG? www.ebay.co.uk, or www.paypal.com or www.hsbc.co.uk or www.natwest.com and log in from there. The best protection is paranoia, followed by common sense!
Spinal

oh and a quick scan on the first url gives this:
Registrant:
Internet Dept., DCBG, Chunghwa Telecom Co., Ltd. (HINET-DOM)
Data-Bldg, No. 21 Sec.1, Hsin-Yi Rd.
Taipei, Taiwan 100
TW

Domain Name: HINET.NET

Administrative Contact, Technical Contact:
Internet Dept., DCBG, Chunghwa Telecom Co., Ltd. (IOVDQPDTHO) [email protected]
Data-Bldg, No. 21 Sec.1, Hsin-Yi Rd.
Taipei, Taiwan 100
TW
886-2-23444720 fax: 886-2-23960399

Record expires on 20-Mar-2005.
Record created on 19-Mar-1994.
Database last updated on 24-Nov-2004 08:11:45 EST.

Domain servers in listed order:

HNTP1.HINET.NET 168.95.192.1
HNTP3.HINET.NET 168.95.192.2
DNS.HINET.NET 168.95.1.1
All that necessary if to email their hosts / isp's and the job is done. (Or as they are in china, their governments :p)
Spinal
 
Spinal said:
A quick word of advice. Sellers/buyers do this too (fake paypal payment confirmation slips. etc). So whenever you get an email from ebay, paypal, ur bank, etc; OPEN A NEW WINDOW! A nice, clean fresh internet explorer, mozilla firefox or whatever browser you use and type in the base URL of the site. EG? www.ebay.co.uk, or www.paypal.com or www.hsbc.co.uk or www.natwest.com and log in from there. The best protection is paranoia, followed by common sense!
Spinal
Spinal
Click to expand...


Fully agree, and good housekeeping practice.

Though to help things along, all online organisations should set the default for all email communications that they never ask you to login from an email.
(and never take sweets from strangers :) )
 
I get some odd e-mails from time to time, one or two strange ebay ones (I use a different e-mail address for ebay so I can spot the fakes straight away ;) ) and I've had an e-mail or two saying stuff like "your order for xyz has been paid for using VISA, you have been charged $xyz, thank you for your business. If you would like to see the details please click here: etc" but none of it was ever real, I don't know why they bother!

I've had a couple of phishing-type mails, one for Halifax (who I'm not a customer of) and one for HSBC (who never send any mails out, you have a messages section on the online banking for this reason). The HSBC one would have been quite believable, were it not for the fact that I don't use OE for e-mail and it was all formatted incorrectly and the URLs were REALLY dodgy (link text was hsbc.co.uk/xyz etc).

Unless it's from someone I know I assume all e-mails are faked or spoofed and treat them with caution.
 
Spinal said:
A quick word of advice. Sellers/buyers do this too (fake paypal payment confirmation slips. etc). So whenever you get an email from ebay, paypal, ur bank, etc; OPEN A NEW WINDOW! A nice, clean fresh internet explorer, mozilla firefox or whatever browser you use and type in the base URL of the site. EG? www.ebay.co.uk, or www.paypal.com or www.hsbc.co.uk or www.natwest.com and log in from there.
Click to expand...

Not strictly true since the more clever varients include code in the email which manages to exploit a windows vulnerability and update your 'hosts' file thus pointing the URL of their choice invisibly to an address of their chosing - new window, manually typed in or whatever.

Thankfully, these scripts have been written for I.E. so if you are using Mozilla, Opera or firefox or any other varient other than I.E. then you are safe from this exploit currently.

Clever kiddies tho
 
Sp!ke said:
Not strictly true since the more clever varients include code in the email which manages to exploit a windows vulnerability and update your 'hosts' file thus pointing the URL of their choice invisibly to an address of their chosing - new window, manually typed in or whatever.

Thankfully, these scripts have been written for I.E. so if you are using Mozilla, Opera or firefox or any other varient other than I.E. then you are safe from this exploit currently.

Clever kiddies tho
Click to expand...

That exploit for windows was fixed in their patches; so make sure you are up to date. Also, Moz Firefox is a nice browser (I probably like it more than IE, except that when you click back, it doesn't send you to the point in the page you were at, but to the top of your previous page). As for the exploit, make sure you have all the patches up to date, a good firewall/anti-virus combination and if you are paranoid, accept (or convert) all incoming emails to TXT/plain instead of html.
Spinal
 
guydewdney said:
hmmm - time to change your ID and password i guess - how the hell do ebay tell that it wasnt you if they have your login details? clever sods..
Click to expand...

They track which IP address bids and listings come from. If they spot a strange IP address, ie one you have never used before it raises a flag. The IP address is checked for its location and then they act. Its worth remembering that that many organisations, such as Vodafone, O2, Banks, ebay etc etc track your history and spending/calling patterns. If you stray too far outside these patterns, they cut you off and and ask questions later.

I had this happen to me when I made an unusually long mobile phone call to a number I'd never called before. Big brother is watching! :eek:
 
rirhill said:
This is the one I got today

"Dear eBay user ,

We have ended the following auction(s) on your account as they appear to
have been listed by a third party without your authorization:

2486194040 Harley-Davidson : VRSC : VRSCA
2486164312 Harley-Davidson : Touring : Touring FLH
2485662048 Volkswagen : Beetle (Pre-1998)

Ian
Click to expand...
At least they didn't try selling your Merc !! :devil:
 
PJH
That would really pis_ me off if they had done that.


Cheers
Ian
 
I got this one

Just dumped it

ebay.jpg
 
had me fooled for a min, thought i'd screwed up selling something.
I've had them all. Barclay's, Natwest just sick to death of them. i've got a marketing company gagging to advertise on my website, did a background check and listed in the spam filter.
 
i keep getting the same emails,usually trying to steal your rating
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)

Similar threads

D
eBay fun
Replies
19
Views
2K
Bellow
Bellow
st13phil
AMG Private Lounge - Data Breach
Replies
6
Views
1K
Steveml63
Steveml63
jaymanek
2015 MERCEDES-BENZ C CLASS 2015(64) MERCEDES BENZ C220 BLUETEC SPORT SALOON AUTO DIESEL BLACK
Replies
0
Views
496
jaymanek
jaymanek
jaymanek
2012 MERCEDES-BENZ C CLASS 2012(12) MERCEDES BENZ C220 CDI BLUEEFFICIENCY SPORT SALOON AUTO DIESEL
Replies
0
Views
390
jaymanek
jaymanek
M
2013(13) MERCEDES E250 CDI SPORT COUPE BLUEEFFICIENCY AUTOMATIC DIESEL GREY
Replies
0
Views
619
Mercland
M
Back
Top Bottom