Beware eBay Identity Theft Scams
November 22, 2004 | Business & Commerce | Life
This is a long post with images to clarify just exactly how easy it is to be scammed into giving up your eBay information and much more.
I received an email with the subject "Your account at eBay has been suspended." The text looked like this:

"We regret to inform you that we had to block your eBay account because we have been notified that your account may have been compromised by outside parties...."
That sounded pretty serious, so I clicked the link to go fix it, and got to this normal-looking eBay login page:

At this point, I hadn't noticed the address in the URL, but this would be your first clue. For future reference, "signin_ebay_com_account.barami.co.kr" is not a safe URL!!!
If it doesn't say "ebay.com" as the last domain, you should NOT proceed. I know that's not very specific; you have to know how to read domain names and addresses. I'll try to find a pointer to help describe this better.
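The "last domain" rule above, written as a check (an added example, not part of the original post). It assumes ebay.com is the only trusted domain; the function names and every sample link except the first hostname are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: ebay.com is the only domain the reader trusts.
TRUSTED_DOMAINS = ("ebay.com",)


def real_host(url):
    """Return the host the browser would actually contact, or None."""
    try:
        parts = urlsplit(url)
        host = parts.hostname  # ignores any "user@" prefix and the port
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return None
    if parts.scheme not in ("http", "https") or not host:
        return None
    return host.rstrip(".").lower()


def is_trusted(url, trusted=TRUSTED_DOMAINS):
    """True only when the host is a trusted domain or a subdomain of one."""
    host = real_host(url)
    if host is None:
        return False
    # Compare whole labels from the right: "notebay.com" must not match.
    return any(host == d or host.endswith("." + d) for d in trusted)


# Constructed sample links; only the first hostname comes from the post.
SAMPLES = [
    "http://signin_ebay_com_account.barami.co.kr/",  # ends in .co.kr
    "https://signin.ebay.com/",                      # subdomain of ebay.com
    "https://EBAY.COM./",                            # case and trailing dot
    "http://signin.ebay.com.example.net/",           # ebay.com is not last
    "http://signin.ebay.com@example.net/",           # text before @ is not the host
    "http://notebay.com/",                           # different domain, same ending
    "signin.ebay.com",                               # no scheme, not a full link
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict = "ok" if is_trusted(link) else "DO NOT PROCEED"
        print(f"{verdict:15} {link}  (host: {real_host(link)})")
```

Only the second and third links pass; everything else, including the address from the email, is rejected because the rightmost labels of the host are not exactly `ebay.com`.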
Anyway, I didn't notice, and I pay attention to these things. So I "logged in" and got to this page:

(I put two screenshots together, that's why you see the funny scroll bar there.)
Realize that at this point they had already snagged my eBay password, from the previous screen. Here they ask for my email, an alternative password, mother's maiden name, date of birth. Then I got suspicious and look what else they want: driver's license number, social security number, credit card, bank account. Can you believe it? Had I filled in this form, all of that data would be in the hands of someone else, and I probably would have had my identity stolen.
That's a damn fine looking form, and I almost got taken for a ride.
The first thing I did was log into eBay (using the just-compromised password) and change my password. The next thing I did was write this blog entry. Now I'm going back to work.
Comments
If you just read your email as text rather than html, the link ending in .kr is a lot more obvious...
Posted by: joe schmoe at November 24, 2004 03:08 PM
I actually do read it as text (Mailsmith on OS X), and even went so far as to check the headers on that message, but in the midst of a busy day, blew it on the URL. Live and learn.
Posted by: Michael J. at November 25, 2004 08:38 PM