12 replies to this topic

[sunny]

Currnetly there are several jokers out there who try to send fake emails pretending to be from eBay itself.

Such emails may be used to steel personal as well as financial data is the user recieving the mail clicks on the links.

After contacting the ebay Support via email I've got following tips:

I am posting the mail I got from eBay as it is so that the users of Trap17 can also detact an fake email and maintain their privacy.

From: eBay Customer Support <spoof@ebay.com>
To: Cyber Mitra < cyber . mitra @gmail.com>

Hello,

Thank you for writing to eBay regarding the email you received.

Emails such as this, commonly referred to as "spoof" or "phished"
messages, are sent in an attempt to collect sensitive personal or
financial information from the recipients.

The email you reported was not sent by eBay. We have reported this email
to the appropriate authorities.

In the future, be very cautious of any email that asks you to submit
information such as your credit card numbers or passwords. If you are
ever concerned about an email you receive from eBay, simply follow these
steps:

1. Open a new Web browser and type www.ebay.com into your browser
address field to go directly to the eBay site.

2. On eBay, click on the "My eBay" link at the top of the page and sign
into your account.

3. Check the "My Messages" link located on the left side of the My eBay
page. If an email affects your eBay account, it's now in "My Messages."
Any email sent to your registered eBay email address from eBay or from
another eBay member via eBay's member-to-member communication system
will also appear in "My Messages."

Just remember, if you get an email regarding a problem with your account
or that is requesting personal information, and the email looks like it
is from eBay, please check My Messages first. If it's not there, it's a
fake email.

If you still have any doubt about whether an email message is from eBay,
please forward it to spoof@ebay.com immediately. Do not respond to it or
click any of the links. Do not remove the original subject line or
change the email in any way when you forward it to eBay.

If you have already entered sensitive personal information, financial
information, or your password into a Web site based on a request from a
spoofed email, you should take immediate action to protect your identity
and all of your online accounts. We have developed an eBay Help page
with valuable information regarding the steps you should take to protect
yourself.

 [url="http://pages.ebay.com/help/tp/isgw-account-theft-reporting.html"]http://pages.ebay.com/help/tp/isgw-account...-reporting.html[/url]

To review eBay's new tutorial about Spoof Emails, please see the
following Web page:

 [url="http://pages.ebay.com/education/spooftutorial/"]http://pages.ebay.com/education/spooftutorial/[/url]

To help you better protect yourself from fake eBay and PayPal Web sites,
we have developed a feature for the eBay Toolbar called "Account Guard."
Account Guard includes an indicator of when you are on an eBay or PayPal
Web site or a known spoof (or "phishing") site, buttons to report fake
eBay Web sites, and a password notification feature that warns you when
you may be entering your eBay password on an unverified site.

To learn more about the eBay Toolbar with Account Guard, please go to
www.ebay.com, click on "Downloads" at the bottom of the page, and then
click on the "eBay Toolbar" link.

We also recommend that you keep your browser, operating system, and
virus protection software up to date. Check for updates at the "Windows
Update" link on www.microsoft.com and scan your computer for viruses
often.

Once again, thank you for alerting us to the spoof email you received.
Your efforts help keep eBay a safe and fair place to trade.

Regards,

Ande
eBay SafeHarbor
Investigations Team
______________________________
eBay
The World's Online Marketplace! ®
*******************************************

Important: eBay will not ask you for sensitive personal information
(such as your password, credit card and bank account numbers, Social
Security numbers, etc.) in an email. Learn more account protection tips
at:

[url="http://pages.ebay.com/help/confidence/isgw-account-theft-protection.html"]http://pages.ebay.com/help/confidence/isgw...protection.html[/url]

_____________________________________________

For our latest announcements, please check:

[url="http://www2.ebay.com/aw/announce.shtml"]http://www2.ebay.com/aw/announce.shtml[/url]
_____________________________________________

In order to better serve you, we'd like to occasionally
request feedback on our service. If you would rather
not participate, please click on the link below and send
us an email with the word "REMOVE" in the subject line.
If that does not work, please send an email to the
email address below. Your request will be processed
within 5 days.

mailto:cssremove@ebay.com

[crapoartworks]

Thats good to know. I once in my hotmail account recieved over 214 emails in my junk folder, all of the addresses were random (ebay...google...others...) and all contained the same virus infected attachment.


I hate spoof emails.

[ashiezai]

i always received this kinda spoof emails ... some of them are banks and some of them are ebays ... but it's very easy to detect .... firstly .. the email address is a good thing to spot a spoof ... secondly .. all of these spoofs doesnt use words ... they tend to use an image for it ... that is the whole email is an image ... wherever you click on the letter .. it will bring you to the targetted url .. so be alert when u received these kinda spoof emails ...

[TripleH13]

thanks man this is very good to no. i did not no to much about this so thanks for warining ppl about it

[mayank]

well that's right there are some people who send these kind of emails...now, either you have to be very carefull about these emails or what you can do is you can use a toolbar from Netcraft and it tells you all those websites which are fake or in other words keeps you safe from phishing
The website's address is www.netcraft.com, I hope this tool will help Trap17 members.

[Microsoft]

i dont really know what are spoof mails but good think i dint get some (dont know but similar descriptions above tell me a bit) i dont want to get one

[patelg]

I have also recieved one email for Ebay.

Yes, it is image too.

It is regarding updating the account information or they will suspend my account.

I found by looking at from address as it is from ""eBay" <custservice_id_155002@ebay.com>"

Good, that i am using firefox. It has detected the link, when i cliked on image by mistake.

It is always good to have precautions...

[patelg]

mayank, on Sep 2 2005, 06:13 AM, said:

what you can do is you can use a toolbar from Netcraft and it tells you all those websites which are fake or in other words keeps you safe from phishing
The website's address is www.netcraft.com, I hope this tool will help Trap17 members.

Thanks for this toolbar. It is great way to prevent phising...

It even works with firefox too....

Cool. Thank You.

[sunny]

Some facts about Spaming:

AT&T WorldNet says it rejects 10 million to 12 million e-mails a day because the addresses don't match real users'--a sure sign that spammers are at work. 
Newsweek - Crammed with Spam 


1/2 to 3/4 of all spam email has forged reply addresses, estimating that the spam volume is now up to 1 billion messages a year. 
Jeff Lawhorn, Software Design Associates  


Most ISPs estimate the extra cost due to spam as $2 to $3 per month per user, and longer connection times, which can be costly for rural users who have to dial long distance to connect to the Internet. 
IDG 


A recent survey found that ISPs spend millions of dollars to stop spammers, with about $2 of each subscriber's bill going toward spam prevention. 
CNN 


Approximately 10% of ISP overhead deals with SPAM (churn rate; lost revenue due to defection; new customer acquisition; infrastructure; personnel) 
Gartner Group 


The Federal Trade Commission reports that when it went after spammers earlier this year, it received 500 unsolicited e-mails in a single mailbox every day - and the commission probably didn't receive it all. 
CNN 


The increases in marketing messages are outpacing the growth in personal e-mail. By 2005, expect to get about one marketing e-mail for every two or three personal messages. 
Industry Standard 


Spending on commercial e-mail will balloon to $7.3 billion in 2005 from $164 million in 1999. In 1999, the average consumer received 40 pieces of spam. By 2005, the total is likely to soar to 1,600. 
Jupiter Communications 


FTC gets 4,500 spam complaints per day 


The average business e-mail user receives three spam messages a day, and in three years that number will swell to 40. In 2003 we'll waste 15 hours deleting e-mail, compared to 2.2 hours in the year 2000. That will cost the average business in the future $400 per in-box, compared to $55 today. 
Ferris Research 


Average U.S. consumer will receive 1,600 commercial email messages in 2005, up from 40 in 1999, while non-marketing and personal correspondence will more than double from approximately 1,750 emails per year in 1999 to almost 4,000 in 2005. 
Jupiter Communications, May 2000 


By 2002, E-mail will grow from 9.8% to 17.3% of a company's total number of contacts with a customer. 
Forrester Research

One more thing, If you got an email from ebay and you suspect that it is not from actual eBay.com. then you can report this to ebay by forwarding that mail in original form to [B}spoof@ebay.com[/B]

Your complaint will be registered and the person sending those email will be executed (hopefully).

Anyways, by doing so you can help ebay to find more about those cheaters.

[niloc]

I have received a few ebay spoof emails recently .... i forwarded them to ebay.

One way to check if they are spoof emails is to follow the link they suggest to where they want you to enter you personal details .... at this point look in the bottom right hand corner of your browser for a padlock icon .... if there isnt one then you are not on a secure site.

With to regard to ebay spoof emails .... they would never contact you by email for your details , they would send you a message to your ebay inbox if they had a problem with your account details.