Another fake notice

itrecovery
Community Member
Just got in:

Dear eBay user,

During our regular update and verification of the accounts we could not verify your current information. Either your information has changed or it is incomplete.

As a result your access to your eBay account will be restricted.

According to our site policy you will have to confirm that you are the real owner of the eBay account by completing the following form within 24h or else your account will be suspended without the right to register again with eBay.

Please use the link below to complete this verification:


http://scgi.ebay.com/saw-cgi/ebayISAPI.dll?ConfirmRegisterInformation

Thank you!
eBay Customer Support

shoplineca
Community Member
I get 20+ "Please Open Attachments" per day and 3-5 fake PayPal notices per week that my account is to be suspended unless I update it by clicking on the link.

I don't know how anyone could get a thrill over sending them.

As for stealing people's identities through the eBay and PayPal ones, well the bad news is there are a lot of gullible people out there despite how evident these notices are to be fakes.

Most of them have several spelling mistakes or other grammatical errors.

But as Barnum of Barnum and Bailey said (I think it was him that said it) "There's a sucker in every crowd".

Malcolm




gem-n-i-gemstonz
Community Member
Here's another I just got:

Dear ebay customer,

We regret to inform you that your eBay account will be suspended due
to concerns we have for the safety and integrity of the eBay community.

Per the User Agreement, Section 9, we may immediately issue a warning,
temporarily suspend, indefinitely suspend or terminate your membership
and refuse to provide our services to you if we believe that your
actions may cause financial loss or legal liability for you, our users or
us. We may also take these actions if we are unable to verify or
authenticate any information you provide to us.

Due to the suspension of this account, please be advised you are
prohibited from using eBay in any way. This includes the registering of a new
account.

Please note that any seller fees due to eBay will immediately become
due and payable. eBay will charge any amounts you have not previously
disputed to the billing method currently on file.

To avoid the suspension of your account please click on the link below
and provide us the information on this page:


https://cgi.ebay.com/accinfid43546546user543854358pass45475


Regards,

Safeharbor Department
eBay, Inc.





Gem Am I

The spiritual journey is individual, highly personal. It can't be organized or regulated. It isn't true that everyone should follow one path. Listen to your own truth. -Ram Dass


gem-n-i-gemstonz
Community Member
Interesting...I just tried both the link that was sent to me as well as the link that was sent to itrecovery, and neither one works from within this forum. However, the one I got does work from my email (I opened up a page but did NOT fill any info in at all).

I wonder why that is?

Jaqui

shoplineca
Community Member
Jaqui
You shouldn't have clicked on the link at all. Sometimes, the downloading of whatever you went to may contain one of the new viruses that are spread without having to be an email attachment.

You may want to run a virus check to be certain on your computer.

You can do a right click on a link and the Properties function will give you information that you can source where it originated from through several specific search engines available on the net.

Malcolm



gem-n-i-gemstonz
Community Member
Thanks for the heads up Malcolm! I thought it was just a password issue. So, since I was already about to change my password, (and I did it right after I clicked), I thought I was safe....but I will be aware of the virus thing from now on, and will do a virus check right away.

Jaqui

fenian
Community Member
Hi Malcolm,....the quote is actually "There's a sucker born every minute", and although it's attributed to Barnum, it was actually said by David Hannum, one of Barnum's competitors. Hannum was referring to Barnum's fake "giant", carved to compete with Hannum's "Cardiff Giant" (also a fake, although Hannum didn't know it at the time).............. Michael

shoplineca
Community Member
Thanks Michael
I got the gist of what was said but never digested the history of who, why and where.

Malcolm

shooger
Community Member
"I just tried both the link that was sent to me as well as the link that was sent to itrecovery, and neither one works from within this forum. However, the one I got does work from my email (I opened up a page but did NOT fill any info in at all). I wonder why that is?"

The links in the emails appear to be one thing, but if you hover your mouse over them, your email program will show you where they actually link to - something like "www.classdownright.com/ebayCGI12093812093281309128" which sort of also looks like an eBay (or PayPal site) but definitely isn't. If you DO follow that link, it'll take you to their website which has been mocked up to look like you're logged in to eBay (or PayPal). Never do that!

So when people copy and paste the email, for example to this thread, they're copying and pasting the bogus website (which appears real), not the actual location that clicking the link is going to take you to. Check one of those emails yourself. Don't click it... and if you do, don't log in!

PS:

"Dear eBay user,"

That's as far as you need to read. No correspondence will ever begin with anything other than your real full name.


ospreylinks
Community Member
One of the links may work because it has not been turned off by the ISP yet. Often depending on how fast you check your email, by the time you receive the hoax, someone has reported it and an abuse report has been acted upon by the host ISP and the account is turned off, hence the ones you click on and you get an unable to find error message, while others that are active have not been restricted by the ISP yet.

It is important to report every one you get to spoof@ebay or spoof@paypal. I know it is a hassle, and it has probably already been reported a hundred times, but then again maybe not and it remains active allowing some unknown person to fall into the trap.

In terms of never clicking on them for fear of a virus or some form of spyware software, I am sorry Malcolm, but if you subscribe to this theory, then you should be nervous about clicking on any hyper-link on the Internet in fear that someone has embedded a similar virus or spyware program.

Jeff

shoplineca
Community Member
Jeff
I assure you that I certainly am more nervous about clicking on what I know to be a fake email containing a link to ...??? than any hyper-link on the internet where I believe I am intending to be directed.

That's like getting into a taxi to take you somewhere where you believe that the driver is a licensed driver that will take you to where you are going without any problems as opposed to getting into an unlicensed cab that you know the driver isn't a licensed cab driver.

I'll catch a ride in Cab 'A' but walk before getting into Cab 'B'.

Malcolm




ospreylinks
Community Member
Malcolm, I know what you are saying but I don't agree with your logic. First of all, I have never entered or approached a cab and inquired whether it was licensed or not, but just relied on the fact that it had signage, etc that it was a cab, and probably most other people will comment that they do the same.

The same goes from my internet roaming. I don't know the source or author of most of the sites I visit, but trust that I will be delivered to my destination safely. And again, let's ask here, how many people have asked, "gee if I click on this url, will I be loading a spybot on my machine??"..... of course not, otherwise most would never use the internet....

You are right and I don't disagree that knowing an email is a fraud, should raise suspicion about visiting or clicking on a url however if you only click on url's that you know to be legitimate, this will limit your use of the internet. (ie how do I know for a fact that by visiting www.shopline.ca I will not have a spybot program installed on my machine, or likewise if you visit my web-site the same will happen to you? Of course we don't, but we presume otherwise).

Also, in the past I have clicked on the hoax url's then entered goofy information, things like username FBI and password, We Know Where You Are, and then filled in the rest of the columns with junk, and I have never found a spybot program or had any other problem. (however have had a few chuckles).

Cheers,

Jeff

mahsauction
Community Member
Jeff, the problem is Microsoft Internet Explorer. There have been so many security flaws in the program this year alone that make it very easy for a hacker to create a webpage that can install any program they want on your PC. By clicking on a button you are agreeing to whatever code is embedded on the button you are clicking as well. If you want to avoid getting mugged, avoid the seedy side of the tracks.

shoplineca
Community Member
Jeff,
I don't know about you but I no longer have the time nor the patience to be bothered with this stuff.

Also responding to some of these bogus emails is all the people at the other end want, a confirmation that they have a live person receiving and reacting to them at the email address they sent their bogus email to. It could result in a barrage of spam as the welcome mat has been laid out or simply satisfy the sickies that they got a reaction from you and encourage other, perhaps more elaborate attempts to get into your system, disrupt your system or just become a greater nuisance.

My son used to see how upset I got with receiving these things in the beginning and I used to get him to trace them back to the source. We managed to get a couple of people suspended from their ISP but it wasted an inordinate amount of our time.

I am quite seasoned now and have learned to just ditch them and not acknowledge to the senders that it has had any effect on us.

On the taxi comparison I agreed that we assume that we know the taxi is legitimate and the driver licensed just as going places intentionally on the internet.

It is when we know for certain that the cab driver is not a licensed cabbie, or we know the email is bogus (therefore the link is bogus), we should know better than get in the cab ie. not click on the link.

I dare say none of us spend the amount of time keeping up on technology 1/10th of what these creeps do and their never ending desire to create the next virus or trojan or worm to shut down or create some similar form of havoc on as many systems as they can.

Malcolm



ospreylinks
Community Member
Malcolm, you are right and I agree that the number of fakes creates a real tax on time and patience. And I am also with you in that in the early stages I used to also do my best to track down the location of the offending ISP and send an abuse notice, but in the case of many of these hosting sites, they don't know the names or nature of the business of the people subscribing and using their gateways.... to them it is like selling a magazine subscription, the more subscribers the more lucrative and true nature of how they use their system is not known, nor do they care.

Instead, I do not mind forwarding a spoof notice to Ebay or Paypal if I get what appears to be a fake. In my opinion it only takes a second and may or may not save someone less familiar from harm. This is far faster than trying to track down the offender directly and Ebay has the resources to do this work on my behalf and that of all users.

I also agree that knowing an email is a fake, you should take caution on how you deal with it, I guess my point is that given the innocuous nature of the internet, we do not know what is behind many of the links we click on regularly, and an innocent looking url could possess the same evil as a known scam url.

Point also taken from mahsauction, but again these flaws in Explorer leave us exposed everywhere we go on the internet.

So all in all, I agree I agree I agree, but the threat remains everywhere.....

Jeff

shoplineca
Community Member
Jeff
Overall it does take a lot of the fun of the internet out though doesn't it?

Malcolm


ospreylinks
Community Member
Yes it does.....

But it is similar to life. If you live your life fearful of every threat, you would never leave your house or probably buy your food at a grocery store, never venture in your car and definitely never board an airplane. Visiting tall buildings would be taboo, etc etc etc....

The internet is the same, if you live your life in constant fear, you would cancel your subscription....

Mind you I agree, life comes with risk but one must do their best to control the level of risk they will encounter, however it is impossible to totally remove it.

Jeff

shoplineca
Community Member
Jeff
I didn't know you had tall buildings in North Bay!!!!

Boy I wish I knew that last time I was on Bearskin Airlines and landed in North Bay picking up some passengers en-route to Sudbury. We could have hit one on the way in (or out) and crashed into a grocery store.

I guess I live life dangerously.

Malcolm

ospreylinks
Community Member
Living in North Bay, anything higher than a basement is considered a high rise.

Jeff

As a victim of ID theft through a leak in eBay's own portals (including this forum, and I'll get to that in a minute), I now take these ID trawling e-mails very seriously. Basically, though melodramatic as it may sound, we're under siege here folks--especially PowerSellers--and the more successful you are the more desirable and likely target you become. Not only from those of fraudulent intent without, but even from competitive harassment within.

My own eBay ID theft was a twin hit during the Christmas rush and immediately thereafter, both occurring during absolute peak selling periods. In both cases, once I had identified the hijack and notified eBay, their only mechanism for stopping such incursions was immediate suspension of my account and the cancellation of all auctions. Overnight, I lost hundreds of dollars in active auctions, and hundreds more by missing out on a key seasonal auction window...and that's not even getting into the ancillary costs of time lost writing eBay and fielding queries from angry buyers burned by the hijacker's scams, and on and on. It was a nightmare, the likes of which I had never encountered in my IT career and swore I would never allow to happen again.

Throughout this siege, eBay maintained that I had somehow given out personal information through one of these "spoof" e-mails, which was absolutely not true. I have been a computer and systems consultant for almost 20 years, and run a very 'tight' desktop. I had never had a whiff of security problems before, or, tellingly, anywhere else in my 'Net based dealings (bank accounts etc.)--not even a crippling virus. To me, this was clearly a 'Made in eBay' problem, which I almost immediately confirmed by having my system examined by two independent Security Experts. For what it's worth, my suspicions--and their confirmations--of what to watch out for in this particular environment:

1. Default Login - it is not secure, and there is no user preference to make it secure only. Each and every time you see an eBay login screen for any of the multitude of reasons we constantly have to do so (filing NPB's, etc.), you will be defaulted to a non-secure login even if you have already logged in securely. You have to click SSL every single time. In a transaction intensive environment like this, SSL *should* be the default, but is not because eBay refuses to limit the access to their site, and some older operating systems cannot use the secure login.

2. PowerSeller Board Login - my eBay ID theft occurred shortly after becoming a PowerSeller and logging into these boards. At first I thought that might just have been a coincidence, but then I noticed something 'funny' about the message board login (try this yourself without actually logging in to prove my point). If you click the Powerseller board link at the upper left (the one I use exclusively now), you will be logged in securely through SSL (you'll see the https in the address line). However, if you use (as I initially did) the Canadian board login underneath the U.S. Powerseller link (which BTW is secure), you will be logging in from a page that is not secure. Any skilled hacker who is 'listening' on that port has a nice little pre-qualified list of eBay ID's and passwords--better yet, for sellers only, and among the top echelons of sellers at that. This is where I believe the leak occurred that resulted in my own ID theft, because those who culled my eBay ID immediately used it to change my password and e-mail address, and create fraudulent listings. How they used that info was a 'smoking gun' for where they likely got it.

3. eBay Toolbar - I had only been running it for a brief period before all this happened and got rid of it immediately after I discovered that the toolbar add-on leaves an unencrypted plain text file of your login info sitting neatly in your root directory. Whether directly related to this particular type of hijacking or not, that's just a tad too insecure for my tastes.

In fairness to eBay (particularly the Security folk on *.com) despite the draconian measures taken to regain control of my account, they did respond quickly (again, especially *.com--the Canucks were totally non-com throughout the holidays), and after reporting the assessment of the Security experts who forensically examined my system, I did receive some positive response to my suggestions that:

1. For PowerSellers, SSL should be the default login...everywhere in the eBay system. PowerSellers are not casual users--they are businesses with serious investment at stake and should be afforded that standard protection across-the-boards.

2. If that surgical level of security is too awkward from a technical standpoint to implement automatically, then SSL should at least be a selectable user preference. Once clicked, all login screens you see are SSL by default.

3. Finally, eBay should stop castigating users for its own leaky security. On top of the 'blame the victim' accusations I was subject to, I had to pay hard dough to prove what I strongly suspected was true: there was nothing wrong with my properly firewalled, and virus protected system, or my security precautions on the 'Net. This was only occurring on eBay.

Still no signs that any of those suggestions have been implemented, so my advice to other PowerSellers is: user beware, leaks aplenty abound on this site. Your best protection is to never give out any personal ID info, even in Tech Chat, on any eBay page that does not have the https, or an SSL link.

As for those trawling e-mails, I now redirect them to eBay (both spoof@ebay.ca and spoof@ebay.com), or to spoof@paypal.com, as soon as they arrive. The idea is to keep them as deluged with this stuff as we are, and maybe eventually they'll get the message that their responsibility for ironclad security should be a top drawer issue everywhere within their venue.
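
The post above distinguishes login pages that show https from ones that do not. As an added example (not part of the original thread, and not eBay's code), the sketch below audits saved HTML for forms that carry a password field and reports whether the page and the form's submission target both use TLS; the `boards.example` and `signin.example` URLs and the markup are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class LoginFormAudit(HTMLParser):
    """Finds forms with a password input and records where they submit."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.reports = []
        self._form = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            # A missing or empty action submits back to the page's own URL.
            target = urljoin(self.page_url, a.get("action") or "")
            self._form = {"action": target, "password": False}
        elif tag == "input" and self._form is not None:
            if (a.get("type") or "").lower() == "password":
                self._form["password"] = True

    def handle_endtag(self, tag):
        if tag == "form" and self._form is not None:
            if self._form["password"]:
                self.reports.append(self._classify(self._form["action"]))
            self._form = None

    def _classify(self, action):
        page_tls = urlsplit(self.page_url).scheme == "https"
        post_tls = urlsplit(action).scheme == "https"
        if not post_tls:
            verdict = "password sent in cleartext"
        elif not page_tls:
            verdict = "form served without TLS, can be altered in transit"
        else:
            verdict = "ok"
        return {"action": action, "verdict": verdict}

def audit_login_forms(page_url, html):
    """Return one report per password-bearing form found in html."""
    audit = LoginFormAudit(page_url)
    audit.feed(html)
    return audit.reports

# Constructed pages: (URL the page was loaded from, its markup).
SAMPLES = [
    ("http://boards.example/login",
     '<form action="/signin" method="post"><input name="u">'
     '<input type="password" name="p"></form>'),
    ("http://boards.example/login",
     '<form action="https://signin.example/ws"><input type="PASSWORD" name="p"/></form>'),
    ("https://boards.example/login",
     '<form method="post"><input type="password" name="p"></form>'),
    ("http://boards.example/search",
     '<form action="/find"><input type="text" name="q"></form>'),
]

if __name__ == "__main__":
    for url, html in SAMPLES:
        print(url, audit_login_forms(url, html))
```
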