We got one with a slightly different twist to it. My wife got an email from
someone asking why she hasn't sent the auction item that he paid her for and
to click on an "eBay" link to view the dispute. At first I thought her
account had been hijacked but then realized it was the wrong email address.
We do a fair amount of selling on eBay but don't use the address that this
Phishing email was sent to. I'm sure that by following the "eBay" link we
would have been asked to log in and they would have captured our info. My
policy is to never click on a link in an email. These crooks are getting
very creative.
Bob Danielson
1975 TR6
http://tr6.danielsonfamily.org
-----Original Message-----
From: owner-triumphs@autox.team.net [mailto:owner-triumphs@autox.team.net]
On Behalf Of Greg
Sent: Tuesday, April 04, 2006 10:47 AM
To: Triumph List
Subject: [TR] Phishing (was: Recent SCAMS)
Beware of a very clever ebay scam. Here's how it works. The bad guy
hijacks a seller's ebay account login info to control the account. When you
send the seller a question about the item they have listed for sale, they
reply with an answer about a completely different item than the one you
asked about. (However, the email response appears to be a valid ebay email.)
So you think, well either I mistakenly asked a question about the wrong item
or the seller is confused and responded about the wrong item. When you
click on the link in the email to view the item again because you want to
see the item to make sure it is correct, it takes you to a spoof ebay site
that asks for you to login in with your ebay login. It appears exactly like
the real ebay login.
This happened to me a couple of days ago. But when I got to the point
where it asked for my login, I stopped and didn't enter anything because
I've used ebay enough to know that they don't ask for your login just to
view an item, only to save it. I emailed ebay about it and they gave me
some boiler plate reply warning about hijacked accounts. Then last night, I
got an email from the REAL seller telling me that his account had been
hijacked and he finally got it straightened out after a few days. If I had
entered my login info, they would have then hijacked my account and the
cycle continues. No doubt, that's how his was hijacked.
-Greg
"Date: Sun, 2 Apr 2006 13:28:22 -0400
From: Hoyt <hoyt@cavtel.net>
Subject: [TR] Phishing (was: Recent SCAMS)
These scams are known as "phishing". They are social engineeering attempts
to get you to reveal confidential information. ....something like 80% of
people take the bait for phishing.
Rule of Thumb: Ignore and delete _any_ email that wants you to verify
confidential information. Legitimate institutions will not ask you to do
this."
Version: 7.1.384 / Virus Database: 268.3.5/300 - Release Date: 4/3/2006
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.384 / Virus Database: 268.3.5/300 - Release Date: 4/3/2006
=== This list supported in part by The Vintage Triumph Register
=== http://www.vtr.org
|