
What does an eBay phishing attack look like?

I got an email from an eBay buyer saying that he had a question for me about an auction, but it's not an auction I'm running. Will I get into trouble with eBay if I don't answer the question? I mean, I don't really understand what's going on?

What you're seeing is a "phishing" attempt. It's like a virus that's based on social engineering: the goal of the person who sent this to you (who isn't the person listed in the eBay query; that buyer is fictitious) is to get your account and password information, then log in to your eBay account and hijack it. Do they sound like nice people? No. They're not.

I get these sorts of phishing attempts all the time, and while some are extraordinarily well done, most break at one point or another in the process because the senders haven't thought things through (luckily). For example...
You can see here that this really looks like a legitimate email from eBay regarding an auction you're running. Except that I'm not actually selling anything right now on eBay. Nonetheless, if I put the cursor over the big "Respond" button, check out what happens:
As you can see, it's a bit of a jumble because they didn't quite write the HTML properly for this message, but notice that my email program (Microsoft Entourage) shows me the target URL in the long-skinny yellow box, while the email HTML shows a legit-appearing "cgi.ebay.com" URL. That's bogus. If you were to click on the link, here's where you go:
At this point the phishing attempt breaks down because it's clearly a ".ru" domain and you're seeing a 404 error page. Not good. Imagine, instead, though, if you were to see this:
Would you buy it? Would you thoughtlessly go ahead and enter your account and password information, only to be a bit surprised when it failed and asked you to log in again, even while behind the scenes they've recorded your account information for later mischief?

One way to check this is to always look closely at the URL shown in your browser when you're on the page. That'll always show you if you're on a legit eBay page or not. For the above, for example, here's what you'd have seen:

In general, if you get an email from eBay that you're even remotely suspicious of, then just log in to your eBay account by typing in "www.ebay.com", then go to "My eBay" and see if the message is there too. THAT they can't fake out. And, be careful out there.
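The check described above, comparing the address a link displays with the address it really targets, can be automated for HTML mail. This is an added example, not code from the original article; the function names are illustrative, and the sample message and its `.example` hostname are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    """Lower-cased hostname; accepts scheme-less text such as 'cgi.ebay.com/x'."""
    try:
        return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()
    except ValueError:
        return ""

def on_brand(host, brand):
    # Exact match or a true subdomain; 'ebay.com.signin.example' does not qualify.
    return host == brand or host.endswith("." + brand)

def mismatched_links(html, brand="ebay.com"):
    """(shown_host, real_host) for links whose text names the brand, href does not."""
    collector = AnchorCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for href, text in collector.links:
        shown = [host_of(tok.strip(".,;:()")) for tok in text.split() if "." in tok]
        shown = [h for h in shown if on_brand(h, brand)]
        if shown and not on_brand(host_of(href), brand):
            findings.append((shown[0], host_of(href)))
    return findings

# Constructed sample, not the message from the article (.example is a reserved TLD).
SAMPLE = """<a href="http://ebay.com.signin.example/item?id=1">http://cgi.ebay.com/item?id=1</a>
<a href="https://www.ebay.com/">My eBay</a> <a href="https://cgi.ebay.com/help">cgi.ebay.com/help</a>"""

if __name__ == "__main__":
    print(mismatched_links(SAMPLE))
```

Only the first link is reported: its text shows a cgi.ebay.com address while its target merely begins with "ebay.com" and belongs to a different domain.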
"THAT they can't fake out." Actually, if they really really wanted your ebay account, they could create a virus to change your HOSTS file, or change the DNS servers you use, but they probably aren't that desperate.
Posted by: Ray at July 23, 2008 11:17 AM