Just about everyone is familiar with the popular online shopping site eBay which is why it is also so popular with scammers who use phony phishing emails that appear to come from eBay which attempt to either lure you into clicking on malware infected links or providing personal information that can be used to make you a victim of identity theft.
Reproduced below is a new eBay phishing email that is presently circulating. This particular phishing email looks legitimate. The graphics and the grammar appear legitimate although the email does not refer to you by name. It also came with a legitimate appearing eBay logo (not reproduced below), but that is easily counterfeited. The email attempts to trick you into clicking on a link (which I have not reproduced) in order to dispute the change of your account. If you click on the link indicated, this particular email will take you to a legitimate appearing page that asks for tremendous amounts of personal information that can be used to make you a victim of identity theft.
“eBay Change Email Notice
Hi,
Thank you for submitting your change of email address request. Instructions on completing the change have been sent to your new email address. Once the process is completed, your eBay-related email will no longer be routed to this email address.
If you did not make this change, check with family members and others who may have access to your account first. If you still feel that an unauthorized person has changed your email, get help here:
http://********************************
Change of email address request was made from:
IP Address: 207.189.26.10
ISP Host: 207.189.26.10
Thank you,
eBay”
TIPS
The primary question we all face when we receive such an email asking for personal information or urging us to click on a link is how do we know whether to trust the email or not. The answer is, as I always say, trust me, you can’t trust anyone. Regardless of how legitimate such emails appear, you should not provide any personal information or click on any links until you have independently verified that the request for personal information or instructing you to click on a link is legitimate. In the case of eBay, important messages will generally be sent to you through the Messages tab in your My eBay account. Any email from eBay will also contain your name in the salutation. This phishing email merely states “hi” as the salutation without any name. In addition, this particular phishing email was sent by a botnet of hijacked computers so the email address of the sender has no relation to eBay which is an immediate indication that it is a scam. If you ever have doubts as to whether an email you receive purportedly from eBay is legitimate or not, sign into your My eBay account and click on the messages tab. If you don’t see the same message there, the email is a scam.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”