Hi all,

To let you know that I just received a FAKE ebay message, I have forwarded the original to spoof@ebay.com.

Title and body:

Please update your account untill 20 June 2006

It has come to our attention that your eBay billing updates are out of order. If you could please take 1-2 minutes out of your online experience and update your billing records you will not run into any future problems with the online service. However, failure to update your records will result in account termination. Please update your records.


Once you have updated your account records your eBay session will not be interrupted and will continue as normal. Failure to update will result in cancellation of service, Terms of Service (TOS) violations or future billing problems.

To update your eBay records now click here:
http://signin.ebay.com/ws2/eBayISAPI.html


The sender (probably hijacked) smtp is located in Florida, the HREF points to:

href="http://ss4.newseoul.com/.signin.ebay.com/ws2/eBayISAPI.html .

which is registered by these bastards:

Registrant:
softcan (NEWSEOUL-COM-DOM)
5F building-chungjung 32-11 chungjungro-3ga
seodaemun-ku
Seoul, 120013
KR
82-2-392-3096
peteryun@softcan.com

Domain Name: NEWSEOUL.COM
Status: PROTECTED

Administrative Contact:
peteryun peteryun@softcan.com
5F building-chungjung 32-11 chungjungro-3ga
seodaemun-ku
Seoul, 120013
KR
82-2-392-3096

Technical Contact, Zone Contact:
peteryun peteryun@softcan.com
5F building-chungjung 32-11 chungjungro-3ga
seodaemun-ku
Seoul, 120013
KR
82-2-392-3096

Hi ErnestoJuan, I have had a number of these :mad: , the give away is the e-mail is always addressed to 'dear member' or 'account holder' etc. in fact anything but your eBay username.
A sign of our technological age......highway robbery without the 'flintlock' ;)

Nothing new to me unfortunatelly. I'm receiving over 10 different fake messages per week, on different subjects, like: question on item, ebay security message, dispute console on unpaid item., etc, etc.

If message is real you'll have it on your MY EBAY messages.
If you're using outlook, thunderbird or other software BE SURE that after clicking on "Response" button real ebay page will appear. Those fakes are often beginning in address field as "www.yahoo. ....", or with different numbers looking like IP "http:// 215.146,..." etc.

Regards!

Now I have a fake Paypal phishing message from the same @ssholes:



<TD><A href="http://ss4.newseoul.com/pp/update/secure/cgi-bin/webscrcmd_login.php"



><IMG height=35 alt=PayPal src="http://images.paypal.com/en_US/i/logo/email_logo.gif" width=255 border=0></A>
</TD></TR></TBODY></TABLE>

Now I have a fake Paypal phishing message from the same @ssholes:



<TD><A href="http://ss4.newseoul.com/pp/update/secure/cgi-bin/webscrcmd_login.php"



><IMG height=35 alt=PayPal src="http://images.paypal.com/en_US/i/logo/email_logo.gif" width=255 border=0></A>
</TD></TR></TBODY></TABLE>

This one goes to spoof@paypal.com

I haven't received one of these in 6 months or so .
Looks like someone's gearing up for another onslaught of this crap .

Rick, you are either very lucky or have an excellent SPAM filter. ;)

Like wolviex, I get a dozen or so of these a week, at home and at work. As noted below, these all have phoney URL links -- easy to spot most of the time (some are trickier than others) -- and if you look at the sources of the email (details at the top of the text that list originating server, etc.) these are not authentic either.

Ian.

Nothing new to me unfortunatelly. I'm receiving over 10 different fake messages per week, on different subjects, like: question on item, ebay security message, dispute console on unpaid item., etc, etc.

If message is real you'll have it on your MY EBAY messages.
If you're using outlook, thunderbird or other software BE SURE that after clicking on "Response" button real ebay page will appear. Those fakes are often beginning in address field as "www.yahoo. ....", or with different numbers looking like IP "http:// 215.146,..." etc.

Regards!

Maybe it's my ISP Comcast ; they have their own spam filter or maybe it's Norton internet security; it's got a nice spam filter too ; not much gets through .


Then again I might just be lucky :D ; I do report every single one I get .

OK, here is my 2 cents worth...

Most of these things act as if you are logging on to an real site. Really, they are stealing you login and password. Now they got ya!


1. Never give out passwords or account information.
2. Look at the actual source of the email - not that it just looks like it came from eBay or Paypal or any banking institute.
3. I have heard that some overseas eBay sellers are sending fake Paypal logins too… just a rumor…

If you are not sure how to do that…

Do not input you real account or login the first time. If it accepts it, it is obviously a bogus site! (They do not know your account and password, they are just trying to steal it).

They will soon figure out that people are doing this, so you may want to input a bogus password the second time. If it is still rejecting you, then use you actual account and password on the third try.

Call me over cautious… but I would rather be safe than sorry. ;)

I get several a week from Ebay, Paypal, and banks that I don't even do business with. Always go to your messages in My Ebay if you have any question. I even worry when I get an email saying that I've won the auction and get a link to pay from. Even then, I usually to Ebay, then the auction, and pay from there. If the bastids ever figure out how to get to people who just won an auction, they'll get a BUNCH of passowords.

Steve

I don't want to start a slashdot - like troll or whatever, but being a paranoid IT guy for a long time 17+ years (currently infrastructure systems developer) , on my pc ( linux /xp dual boot) I NEVER use Windows XP for financial or other sensitive business.

I use XP for games - my favorite being Age of Empires :p - thats all.. Regardless of disabled services, registry tweaks, antivirus and anti spyware and firewall software: I do not trust it for 100%.

Do I trust Linux for 100% ? No, but more than XP..