ebay phishing
Temlakos
temlakos at gmail.com
Sat May 28 21:42:10 UTC 2005
James T. Carver wrote:
> On Saturday 28 May 2005 05:49 am, fedora-list-request at redhat.com wrote:
>
>>Message: 7
>>Date: Sat, 28 May 2005 12:51:15 +0200
>>From: "Piero" <pierolists at giochi.org>
>>Subject: FW: eBay Registration Suspension
>>To: "'For users of Fedora Core releases'" <fedora-list at redhat.com>
>>Message-ID: <200505281051.j4SApUbt021385 at mx1.redhat.com>
>>Content-Type: text/plain; charset="us-ascii"
>>
>>I would make see you that another ebay pishing mail was arrived.
>>
>>I've found that the link is different:
>>http://217.24.130.62/images/index.html
>>
>>It's incredible.
>>
>>
>>________________________________________
>>From: eBay Billing [mailto:billing at ebay.co.uk]
>>Sent: Friday, May 27, 2005 9:52 PM
>>To: pierolists at giochi.org
>>Subject: eBay Registration Suspension
>
>
> I have been getting the same emails, if it wasn't for the lack of https on
> the page it would be quite a good counterfeit. Hope that not to many people
> get caught up with that one.
>
> James
>
I recognized them as phish-hooks when the anchored hot-reference (href)
did not match the text, when I found a misspelled or misused verb form,
when they had a totally wrong credit-card number portion, and finally
when I logged onto eBay using my bookmark and everything was fine. The
first time it happened, I reported the incident to eBay. The second
time, I reported it to Gmail and didn't even let it download onto my
system. That was two days ago and I haven't seen any more phish-hooks.
BTW--I use PwManager and the GNOME Password Generator, so that I have
more passwords than I can count, each of them totally random, and never
the same password for two different sites. That's the final defense, of
course. Recognizing a phish-hook, not taking the bait, and reporting it
to the merchant and/or your ISP or e-mail provider is your first line of
defense.
Temlakos
More information about the fedora-list
mailing list