Industry guru Dave Taylor offers free tech support on a wide variety of technical and business topics, including HTML, Apple iPhone, online advertising, Cascading Style Sheets, Web design, management, Unix, Linux, search engine optimization, online dating, Mac OS X, shell script programming and Microsoft Windows.

What does an eBay phishing attack look like?

I got an email from an eBay buyer saying that he had a question for me about an auction, but it's not an auction I'm running. Will I get into trouble with eBay if I don't answer the question? I mean, I don't really understand what's going on?


Dave's Answer:

What you're seeing is something called a "phishing" attempt. It's like a virus that's based on social engineering, and the goal of the person who sent this to you (who isn't the person listed in the eBay query; that name is fictitious) is to get your account and password information, then log in to your eBay account and hijack it.

Do they sound like nice people? No. They're not.

I get these sorts of phishing attempts all the time, and while some are extraordinarily well done, most break at one point or another in the process because the senders aren't thinking things through (luckily).

For example...

[Image: ebay phishing 1]

You can see here that this really looks like a legitimate email from eBay regarding an auction you're running. Except that I'm not actually selling anything right now on eBay.

Nonetheless, if I put the cursor over the big "Respond" button, check out what happens:

[Image: ebay phishing 2]

As you can see, it's a bit of a jumble because they didn't quite write the HTML properly for this message, but notice that my email program (Microsoft Entourage) shows me the real target URL in the long, skinny yellow box, while the email HTML displays a legit-appearing "cgi.ebay.com" URL. That displayed URL is bogus.

If you were to click on the link, here's where you go:

[Image: ebay phishing 3]

At this point the phishing attempt breaks down because it's clearly a ".ru" domain and you're seeing a 404 error page. Not good. Imagine, instead, though, if you were to see this:

[Image: ebay phishing 4]

Would you buy it? Would you thoughtlessly go ahead and enter your account and password information, just to be a bit surprised when it failed and asked you to log in again, even while behind the scenes they've recorded your account information for later mischief?

One way to check this is to always look closely at the URL shown in your browser when you're on the page. That'll always show you if you're on a legit eBay page or not. For the above, for example, here's what you'd have seen:

[Image: ebay url in flock]

In general, if you get an email from eBay that you're even remotely suspicious of, just log in to your eBay account by typing in "www.ebay.com", then go to "My eBay" and see if the message is there too. THAT they can't fake out.

And, be careful out there.
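The hover check and the address-bar check described above can be automated. The following Python sketch is an added example, not code from the original article; the trusted-domain list, the function names and the sample hosts are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import re
TRUSTED = ("ebay.com",)  # assumption: the only domain this demo accepts as genuine
URL_IN_TEXT = re.compile(r"(?:https?://)?(?:[\w-]+\.)+[a-z]{2,}\S*", re.I)

def host_of(url):
    """Lower-cased hostname of a URL, tolerating a missing scheme."""
    return (urlsplit(url if "//" in url else "//" + url).hostname or "").rstrip(".")

def is_trusted(host):
    """True only for ebay.com itself or a genuine subdomain of it."""
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element, even in sloppy HTML."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def audit(html):
    """Flag links whose real target differs from the URL shown, or is not eBay."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for text, href in parser.links:
        target = host_of(href)
        shown = URL_IN_TEXT.search(text)
        shown_host = host_of(shown.group(0)) if shown else None
        if shown_host and shown_host != target:
            findings.append(("shown/target mismatch", shown_host, target))
        elif not is_trusted(target):
            findings.append(("untrusted target", shown_host, target))
    return findings

# Constructed sample message body (hosts are placeholders, not from the article).
SAMPLE = ('<a href="http://cgi.ebay.com.login.example/respond">http://cgi.ebay.com/respond</a>'
          '<a href="https://www.ebay.com/help">Help</a>'
          '<a href="http://198.51.100.7/signin">Respond</a>')
```

Calling `audit(SAMPLE)` reports the first link as a shown/target mismatch and the third as an untrusted target. The suffix match in `is_trusted` is what rejects a host that merely begins with "cgi.ebay.com".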




Comments

"THAT they can't fake out."

Actually, if they really really wanted your eBay account, they could create a virus to change your HOSTS file, or change the DNS servers you use, but they probably aren't that desperate.

Posted by: Ray at July 23, 2008 11:17 AM

Wow,
That is kind of scary

Posted by: undeniablynerdy at July 28, 2008 3:26 PM

Whenever you receive an email from eBay in your email account (Yahoo, MSN, Gmail), NEVER click on any of them. If you click on them it takes you to a website which looks just like eBay and which asks you to sign in or update your personal information. Look at the URL address: if it is a phishing email you will see that there is some other URL address in your address bar.
Send all these emails to spoof@ebay.com
eBay always sends emails directly to your email account; always open emails only by logging in to eBay.com and then going to My eBay.
eBay also sends you emails to your email account and the same emails are reflected in your My eBay, so open them only from My eBay.

-Steve

Posted by: Steve at December 4, 2008 2:41 PM

© 2002 - 2009 by Dave Taylor. All Rights Reserved.

"Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.