eBay - "Account Violate User Agreement"
This past week (3/7/05), eBay was the target of yet another major phishing scam, entitled 'eBay: Account
Violate User Agreement'. This latest phishing email warns the user that their "eBay account could be suspended
if you don't re-update your account information. To resolve this problem please click here and re-enter your
account information." Then it goes on to scare the user by saying that if this is not resolved your account
will be suspended for 24 hours and then terminated.
Unfortunately this is nothing new for eBay. According to the New York Times:
"eBay is one of the most popular targets of phishing schemes, which typically use e-mail messages that look like they come from a trusted
service provider to dupe people into visiting a malicious web site. The fraudulent site appears to be
legitimate, but has been set up to steal the victim's person information. such as a credit card number, which
could then be used to commit identity fraud."
3/4/05
Here are some previous examples of phishing attackes that target eBay.
TKO NOTICE: eBay Registration Suspension
Dear eBay Member,
We regret to inform you that your eBay account has been suspended due to the violation of our site
policy below:
False or missing contact information - Falsifying or omitting your names, address, and / or telephone
number (including use of fax machines, pager numbers, modems or disconnected numbers.
Due to the suspension of this account, please be advised you are prohibited from using eBay in any way.
This prohibition includes registering a new account. Please note that any seller fees due to eBay will immediatley
become due and payable. eBay will charge any amounts you have not previously disputed to the billing method
currently on file.
You are required to verify your eBay account by following the link below.
http://signin.ebay.com/aw-cgi/eBayISAPI.dll?SigIn&ssPageName=h:h:sin:US
We appreciate your support and understanding as we work together to keep eBay a safe palce to trade.
Thank you for your patience in this matter.
Respectfully,
Trust and Safety Department
EBay, Inc.
Dear eBay member,
We at eBay are sorry to inform you that we are having problems with the billing information of your
account. We would appreciate it if you would visit our eBay Billing Center and fill out the proper
information that we are needing to keep you as an eBay member. If you don't comply until the 19 of
January 2005, your eBay membership may be suspended, or even deleted.
Click here to complete our web form.
As outlined in our User Agreement, eBay will periodically send you information about site changes and
enhancements. Visit our Privacy Policy and User Agreement if you have any questions.
Thank you!
Your credit/debit card information must be updated
Dear eBay Member,
We recently noticed one or more attempts to login to your eBay account from a foreign IP address and we
have reasons to believe that your account was used by a third party without your authorization. If
you recently accessed your account while traveling, the unusual login attempts may have been initiated
by you.
Click here to verify your information.
Clues that these emails are phishy:
- These emails are not specifically addressed to anyone.
- They try to make you believe that if you don't take any action, your account will be suspended. This is meant to make you panic.
- You have to follow a link to "verify you account".
- The second email uses bad grammar ("information that we are needing to keep you as an...", "If you don't comply until the 19 of January...").
This could indicate that this email is not being sent from a legitimate business.
How do you protect yourself from a Phishing scam?
First, it is important to understand that legitimate businesses should never ask for
your personal information through an email. But since not all legitimate businesses follow
this protocol, you should have some extra protection to know the difference between an
honest email and a hoax.
With Secure IE Browser Security you can rest assured that no phisher will be able to
fool you.
Secure IE's Security Manager allows you to corral your favorite sites (like your bank or
eBay etc) into security zones that you can see at the bottom of your browser
window. Think of security zones like you would a traffic light. Green means "Go",
Yellow means "Caution" and Red means "Stop". If you click on a link in an email and it
sends you to what you think is your bank's website, simply check the security zone at the
bottom of the page.
Since you trust your bank lets say you have categorized it as:
However, the link you clicked on takes you to a page that looks like either of these:
Since the security zone is different, this immediately warns you that you are in
dangerous waters and it is likely the site is an imposter.
Phishing is just one of the ways that a hacker can attack your computer.
Here's how Secure IE's multifaceted security protects your computer:
- Stops Spyware at the point of entry by restricting ActiveX to a
"safelist" of authorized software
- Blocks popups that are often used by hackers as a gateway to installing
programs you don't want on your system.
- Features an automatic security tune-up that scans your PC, detects and
corrects current browser security problems.
Get the Protection You Need
|
Privacy Policy
Home
