ebay phishing

Temlakos temlakos at gmail.com
Sat May 28 21:42:10 UTC 2005


James T. Carver wrote:
> On Saturday 28 May 2005 05:49 am, fedora-list-request at redhat.com wrote:
> 
>>Message: 7
>>Date: Sat, 28 May 2005 12:51:15 +0200
>>From: "Piero" <pierolists at giochi.org>
>>Subject: FW: eBay Registration Suspension
>>To: "'For users of Fedora Core releases'" <fedora-list at redhat.com>
>>Message-ID: <200505281051.j4SApUbt021385 at mx1.redhat.com>
>>Content-Type: text/plain;       charset="us-ascii"
>>
>>I  would make see you that another ebay pishing mail was arrived.
>>
>>I've found that the link is different:
>>http://217.24.130.62/images/index.html
>>
>>It's incredible.
>>
>>
>>________________________________________
>>From: eBay Billing [mailto:billing at ebay.co.uk]
>>Sent: Friday, May 27, 2005 9:52 PM
>>To: pierolists at giochi.org
>>Subject: eBay Registration Suspension
> 
> 
> I have been getting the same emails,  if it wasn't for the lack of https on 
> the page it would be quite a good counterfeit. Hope that not to many people 
> get caught up with that one.
> 
> James
> 

I recognized them as phish-hooks when the anchored hot-reference (href) 
did not match the text, when I found a misspelled or misused verb form, 
when they had a totally wrong credit-card number portion, and finally 
when I logged onto eBay using my bookmark and everything was fine. The 
first time it happened, I reported the incident to eBay. The second 
time, I reported it to Gmail and didn't even let it download onto my 
system. That was two days ago and I haven't seen any more phish-hooks.

BTW--I use PwManager and the GNOME Password Generator, so that I have 
more passwords than I can count, each of them totally random, and never 
the same password for two different sites. That's the final defense, of 
course. Recognizing a phish-hook, not taking the bait, and reporting it 
to the merchant and/or your ISP or e-mail provider is your first line of 
defense.

Temlakos




More information about the fedora-list mailing list