• There has been a recent cluster of spammers accessing BARFer accounts and posting spam. To safeguard your account, please consider changing your password. It would be even better to take the additional step of enabling 2 Factor Authentication (2FA) on your BARF account. Read more here.

ebay security sh!t

ironbeak

ironbeak

New member
Joined
Oct 1, 2003
Location
Earth
Moto(s)
2001 Yamaha FZ1
All the recent scam BS has got me paranoid. Is it accurate to think that there's no way for scammers to get ebay.com domain emails? Today I got the following email from customerservice@eBay.com :


Dear eBay user,
You are urged to establish your proof of identity with ID Verify - an easy way to help others trust you as their trading partner as our service quality is changing. The process takes about 5 minutes to complete and involves updating your information over a secure connection and answering a few questions. When you're successfully verified, you will receive an ID Verify icon in your feedback profile. This feature applies to residents of the United States and U.S. territories (Puerto Rico, US Virgin Islands and Guam), Europe (EU) and Australia. .

Fee:
Verification is free of charge and is valid until your name, home address or phone number change.

ID Verify Now, and help us improve the service we are providing to our customers.

Note: After successful verification, you will not be able to modify your contact information for 30 days. Also, the ID Verify icon is used for 3 different verification processes. Verisign provides individual verification on eBay.com. GeoTrust, Inc. is used for the verification of certain businesses selling on eBay.com. Deutsche Post is used for the verification of German members on eBay.de.

Warning: Failure to Verify your ID may result in Account Suspension.


Regards,

Safeharbor Department
eBay, Inc.


I clicked on the link & saw that they're asking for full name, address, CC information, bank account info, etc. But I've used ebay for years without incident. I'm not telling them a fucking thing more than I have already.

...would you?
 
It's more credible than most scams, but that still ain't ebay!

But it would be worth you reporting it to the 'real ebay'.
 
I wouldn't give them any info. You might send them an email through the link from their website (which you know is really them) and ask about it. The newest version of the ebay toolbar (which is cool to have if you use ebay much) has "Account Guard" that warns you any time you send your ebay password to any site that isn't ebay. It's a pretty handy feature.
 
Ebay always says they don't ask for that kind of information via email. I imagine the same is true for emails with links to do so.
 
These things land in my inbox all the time. Usually it's a masked link to a "ebay" site that actually sends you to Romania or some place outside the US.

It's the same for all of these - DO NOT FOLLOW THE LINKS! If you're concerned, pick up the telephone (that thing collecting dust on your kitchen counter) and call the company up.

I forward copies of all these messages to abuse@ and fraud@ whenevery I receive them.

[btw]I wonder if these people A) make money doing this, and B) are ever caught and prosecuted[/btw]
 
no company (credit card co./paypal/ebay/banks/etc) will EVER ask for your personal info whether it's a password or CC number...

apply that to any email u get and decide which are false. :cool
 
I'd paste a link to it, but it seems to be html-based email... so it only exists as email. Still, I'm sure if you enter your info and hit send it'll rocket your info to who-knows-where. At any rate, I entered in a lot of fake information for them. Fuggin' jerks.
 
By the way... I reported that to eBay, and their investigators got back to me. Sure enough, it's no ebay email... even though it ends with @ebay.com.

Let this be a lesson to us all. (Damn, that sounded fatherly.)

Be careful who you trust, especially online. This info fraud bullshit is getting worse at a frightening pace.
 
That's nothing new. No matter how genuine and "well-done" the scam is, there will ALWAYS be 2 give-aways.

#1. Check the link itself. Remember that if URL contains @ sign, anything before that is garbage. For example, ebay.com/acctverify@66.12.224.211/eBay is NOT eBay owned website.

#2. Check the LAST (the most bottom) received line. The From line will always be spoofed to make it look like it's coming from eBay. The LAST received line (there may be multiple received lines because mail bounces from one machine to another before getting to its final destination), however, tells you the path from the originating computer to the next relay machine; therefore, it'll give away if it's really coming from eBay.

Take the IP specified in the last received line (from portion of it) and do a simple lookup on it (one place to do it is dnsstuff.com - do whois lookup there). It'll tell you who owns that particular IP, and if it's a scam, it will not say eBay as the owner.

Remember... these scammers are getting better everyday. They'll do anything to get your information.

For those of you who use Earthlink, AT&T/Comcast, and hotmail, we try to block them all for you =D
 
there are so many softwares available to spammers now --- they can forge any mail-id they want. i get those mails all the time...

sometimes i get mails saying "the message you sent to person xyz has virus" which means some fucking spammer is using my mail-id to send viruses to someone else.

it happens mostly with my yahoo mail-ids i don't know why.
 
ironbeak said:
I'd paste a link to it, but it seems to be html-based email... so it only exists as email. Still, I'm sure if you enter your info and hit send it'll rocket your info to who-knows-where. At any rate, I entered in a lot of fake information for them. Fuggin' jerks.
Click to expand...

click the link and copy and past tha address bar of the window that pops up. if you get no address bar open a new window (Control 'N') and there will be an address bar there you can copy and past.
 
Well the bad part is, they probably just use that link to check if your email addy is valid too. So since you clicked on it, expect more spam.

Same goes with loading images inside emails, once you load an image, the image is triggered by some id that they identify your email with, and then they assume that, the email addy is active, and send it more spam.

But I have recieved so many of those from paypal, I have done a lot of followups, i.e. email paypal, call them, etc to get that persons ISP/account in trouble, I think it kind of worked.
 
Or right click on the link and then "copy shortcut" Then paste here.
 
You must log in or register to reply here.
Back
Top