Join or sign in Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below. Use Your Email Use FacebookUse Linkedin

Anybody received this spam (??)

Locked

One of my yahoo email-ids, that I use just for Yahoo groups received an email with the following subject. ***Urgent Fraud Prevention Group Notice***

It is supposed to have come from [b]eBay.[/b], they have all the logos etc 🙂

I never give out this particular email id to anyone. Funny how they got it. My wife has her yahoo account too, and she has not received it though. [b]Interestingly I do not even have an eBay account, whereas my wife has one.[/b]

Here is the full text message:

[i]You have received this email because we have strong reason to believe that your eBay account had been recently compromised. In order to prevent any fraudulent activity from occurring we are required to open an investigation into this matter. To speed up this process, you are required to verify your eBay account by following the button below.[/i]

[i]Please Note: If your account informations are not updated within the next 72 hours, then we will assume this account is fraudulent and will be suspended. We apologize for this inconvenience, but the purpose of this verification is to ensure that your eBay account has not been fraudulently used and to combat fraud.
We appreciate your support and understanding, as we work together to keep eBay a safe place to trade.
Thank you for your attention on this serious matter. We apologize for any delay in resolving this situation.
Regards,

Mxxxxxxxx Fxxxxxxxx ([b]I blacked out the name[/b]
eBay SafeHarbor
Investigations Team
[/i]

And there is this footer

[i]
Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.
eBay treats your personal information with the utmost care, and our Privacy Policy is designed to protect you and your information.
Copyright ? 2006 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
eBay and the eBay logo are trademarks of eBay Inc.
eBay is located at 2145 Hamilton Avenue, San Jose, CA 95125.[/i]

——————-

There is a “Respond Now” button that urges us to click :-). I hovered my mouse over it and see that the URL points to a domain myuganda.co.ug/ 🙂

Topic

Don’t press reply

In reply to Anybody received this spam (??)

Call the company instead and ask them about it. I found that when I get something into a “secure” account, I am better off making a phone call to the company. They usually know if it is one of their e-mails or not.

Yeah, I did not…

In reply to Don’t press reply

…do not intend to click the “Respond Now” or the “Reply” button. Hmmm..considering the fact that I do not even have an account with eBay I do not have much interest in calling the company.

A number of times

In reply to Anybody received this spam (??)

Legitimate notices from eBay come with your user name on them – anything else is a phishing attempt.

Just today I got a new variant – saying I owe payment on something. Seeing as I’ve never bid on anything thats highly unlikely.

James

Must be Yahoo..

In reply to A number of times

They could not have lifted it out of ebay, it must be from yahoo groups. I have seen yahoo groups being a target for some spamming attacks in the past.

Phishing 101

In reply to Anybody received this spam (??)

There have been a number of these kinds of things. I have seen this one a number of times but this is the first I have heard it recently- last time was about a year ago.

Gettting the “authentic look and feel” is really pretty easy. They are counting on you to be brain dead and follow the link. What you did was define the re-direct. Good for you!

I would hit delete with a clear mind. You may or may not wish to provide eBay with a copy.

sept email

In reply to Anybody received this spam (??)

I have a sept email that ONLY ebay message get sent to, no one else. so without even trying to analyze message, I delete it if ‘from ebay’ but not to the private ebay email address.

(except that for ebay and paypal I take the time to fwd to their abuse and spoof email addresses before deleting)

A common sight…

In reply to sept email

Phishing is becoming an almost daily problem in the UK, more commonly trying (quite successfully) to duplicate bank emails. The answer is obvious, and has already been mentioned – never give out sensitive information in response to unsolicited emails. The one legitimate warning I received asked me to look up and ring the number I already had for my bank – a sensible approach.

Thats why I block all emails with bank names by default

In reply to A common sight…

and whitelist the specific mail servers of the banks. At least at work.

So an email with “commonwealth bank” or “NAB” (which are two of our biggest banks here in Australia) in it is blocked unless I’m sure it comes from mail.nab.com.au. The adress is different to protect the innocent (banks innocent?) but I’m sure you get the picture.

Did Uganda give you a clue?

In reply to Anybody received this spam (??)

I recieved about a dozen of these. Sometimes more than one in a day. Like you I ran my mouse over the ‘respond now’ button and when I saw it was going to Uganda I thought I lost money on Nigeria, surely I’ll get rich on this.

No, it just confirmed

In reply to Did Uganda give you a clue?

…my belief. Yahoo was usually good about identifying other spams, and moved them to the Bulk folder. But this was sitting right there in my Inbox.

For me it was easy to identify as a scam, because I do not use eBay.

as you seem to be counting…

In reply to Anybody received this spam (??)

I’ve had it too, and I too have no eBay account.

another Phishing scam

In reply to Anybody received this spam (??)

Make sure you tell any user who will listen to never click those types of email buttons. Most (hopefully all) TR folks are aware of these phishing scams but people who are not trech oriented may never see the problem in clicking a link and handing over their credit card or password to what they think is their bank or legit businesss.

Also, a new worm seems to have sprung up which uses the Yahoo Instant Messager. It appears as an attachment from an IM contact. If clicked, it installs a browser in place of MS IE but uses the IE icons. The user can’t change internet settings and continually gets adware.

Still looking for a fix, here is an info page:
http://alandmike.wordpress.com/tag/computers-internet/internet-news/

Send it to ebay.

In reply to Anybody received this spam (??)

Forward the full, unmodified e-mail fto spoof@ebay.com, and then delete it. They can use all the help they can get in shutting these phishers down.

Well respectfully

In reply to Send it to ebay.

I doubt that the OP is the first to receive this, and I doubt forwarding it to eBay will have any impact.

I used to do it and all you get back it a form letter.

James

Yes forward oit to Ebay

In reply to Well respectfully

Ebay warns of these type of phising emails and recommends you forward all such emails to ebay.

address was scrounged by malware

In reply to Anybody received this spam (??)

You got phish spam. Complain to the owner of the compromised computer that sent it. Chances are they don’t know they’re spamming.

Spammers already have all the email addresses exposed on the Web or Usenet.

To get more, they’ve released malicious software that searches the victims’ hard drives for anything that looks like an email address.

All it takes these days for an address to start getting spam is for it to be on your friend’s PC and they get an “email virus” or visit a hostile Web site with a vulnerable (Microsoft) browser. The malware they collect finds their address books, and all their friends’ secret addresses start getting spam.

Wanna get less spam? Move all your friends from Microsoft’s crap to something secure and robust. Then start over with a new address.

Phishing

In reply to Anybody received this spam (??)

The scum bags just don’t give up. I even got one that spoofed AOL, had me fooled at first, but I NEVER EVER give out the info except over the phone. I keep numerous e-mails and know what is coming to each so the spam and phishing are easy to spot. if anyone sends me e-mail and I don’t recognize the sender or name, it gets tagged and sent to the admin of the account provider without my even looking at it. Some sites harvest visitors addresses and the onslaught begins. Some unscrupulous individuals will get your address when the are successful in another users machine and collect the contacts lists. How can this be stopped?? The ISP’s have the power and should. But they won’t. Why? I suspect that many providers are in bed with many of these scum and allow anything as long as the bill is paid. If I can tell that these are attempts to get me or anyone to visit their sites just so they can load a piece of malicious software, then I’m sure the providers know what is going on, but do nothing to stop it. Where will it end??

Smells phishy:)

In reply to Anybody received this spam (??)

NT

[Author]

Replies