The steps they’ll go to to steal your identity! I just received this in email over the weekend.
The message starts convincing enough, and looks professional too. (click the thumbnail to view a larger version of the email.)
The message subject is “Action Required!” and seems to come from the eBay billing department. Not sure why the billing department would be notifying me of a breach of security instead of some security concern but lets move on. Here is the body of the email with the bad link removed for your security.
Dear eBay Member,
We recently noticed one or more attempts to log in to your eBay account from a foreign IP address and we have reasons to believe that your account was used by a third party without your authorization. If you recently accessed your account while traveling, the unusual login attempts may have been initiated by you.
The login attempt was made from:
IP address: 172.25.210.66
ISP Host: cache-66.proxy.aol.comBy now, we used many techniques to verify the accuracy of the information our users provide us when they register on the Site. However, because user verification on the Internet is difficult, eBay cannot and does not confirm each user’s purported identity. Thus, we have established an offline verification system to help you evaluate with whom you are dealing with. Experiencing short-term ED is not a big viagra for sale india https://www.unica-web.com/watch/2018/reverse.html problem as it is the problem with the brain, not with the veins but it is the malfunction of the smooth muscle, which actually surrounds the veins. Thus along with this you also need to take soft viagra tablets just before sex, as it is able to treat erectile dysfunction but this is not correct it is not a disease in itself, but it is related with several health conditions that can be dangerous to the body. canadian pharmacy for viagra Apcalis is used to treat men who have impotence. The reason was detected by the doctors there were very few symptoms which were seen in these people and they were stress and the main was the improper levitra vs cialis supply of blood to his penis.
click on the link below, fill the form and then submit as we will verify
Please save the above link for your reference
Please Note: – If you choose to ignore our request, you
leave us no choice but to temporally suspend your account.* Please do not respond to this e-mail as
your reply will not be received
Just a few questions I had immediately after seeing this in my deleted bin.
- Why is the billing department sending me this message?
- Why would I not call eBay to verify an online breach?
- There are obvious grammatical errors in the body of the email…this is a huge indicator for me!
- They describe the verification method as “offline” yet they are asking me to click a link.
A simple mouseover proved the easiest clue that something was awry! Allowing my mouse cursor to hover over the link provided indicated that the real address was not the one listed in the email.
The wanted me to visit a site that was dynamic (php enabled) and that included the word “superbho” (read that as a HiJack attempt or browser helper object) and was not part of eBay’s DNS group, but was rather originating from 67.138.240.14. A quick visit to Internic determined that this address was not assigned to eBay.
Moral of the story: Use common sense to thwart these spoof attempts and don’t be pressured into clicking links for any reason. ( …you leave us no choice but to temporally suspend your account… He he he!)
See this eBay informational page for more info about how these attempts work.
For more information on some previous attempts see this link.