- #1
cronxeh
Gold Member
- 1,007
- 11
Today I've received an email that claims to be eBay. The idea is simple - they sent a gullible american an email and tell you in some formal-ish fashion that your account needs to be updated, and even provide you with the link! Ah what nice people, eh?
The catch is that is had nothing to do with eBay. I'm personally aware of at least a dozen people who actually bought into this for one reason or another - make sure you don't become a yet another victim.
Here is how it works. They send you an email with a fake header pretending to be from eBay. Yes it will have an email from aw-confirm@ebay.com. But that header is faked. You can use any number of fake email programs to generate those headers or you can do it manually if you telnet to smtp ( port 25 ) of any email server you are trying to reach. Particularly the way the spammers do this is simply mass email the suspected eBay customers and on average 2-3 % will actually buy into this and go to the provided link, enter their account username and password, and if the fake eBay page is really good they won't even notice how their username and password has been recorded on the fake server's logs and used to log into real eBay. Or in most cases they may even go on and tell you to enter new credit/debit card number (or bank account) so that they 'know you are verified' or something along those lines.
This is the fake Email I've received about 20 minutes ago:
The link they've provided was http:// 211.105.222.71 /[and standard eBay login path]. Now this is not eBay's server IP, and eBay won't send you an email like that anyway.
Upon checking on that IP (211.105.222.71) it was registered for the following place:
211.104.0.0 - 211.119.255.255
KRNIC
Korea Network Information Center
Host Master
11F, KTF B/D, 1321-11, Seocho2-Dong, Seocho-Gu,
Seoul, Korea, 137-857
+82-2-2186-4500
+82-2-2186-4496
hostmaster@nic.or.kr
Now I don't need to remind you why people in Korea are so grateful to the Americans and keep spamming them. Make sure you don't click on any email from eBay and instead simply go to www.ebay.com[/URL] go to My Messages and see if eBay had something to say to you. This email has been reported to eBay. However I won't send email to [email]hostmaster@nic.or.kr[/email] for two reasons: 1) I don't think it would matter and 2) he might be involved himself, and sending an email will only confirm my email address being valid in their spam lists. Dont make same mistakes.
The catch is that is had nothing to do with eBay. I'm personally aware of at least a dozen people who actually bought into this for one reason or another - make sure you don't become a yet another victim.
Here is how it works. They send you an email with a fake header pretending to be from eBay. Yes it will have an email from aw-confirm@ebay.com. But that header is faked. You can use any number of fake email programs to generate those headers or you can do it manually if you telnet to smtp ( port 25 ) of any email server you are trying to reach. Particularly the way the spammers do this is simply mass email the suspected eBay customers and on average 2-3 % will actually buy into this and go to the provided link, enter their account username and password, and if the fake eBay page is really good they won't even notice how their username and password has been recorded on the fake server's logs and used to log into real eBay. Or in most cases they may even go on and tell you to enter new credit/debit card number (or bank account) so that they 'know you are verified' or something along those lines.
This is the fake Email I've received about 20 minutes ago:
Alert ID : 0845913851
It has come to our attention that your eBay Billing Information
records are out of date. That requires you to update the Billing Information
If you could please take 5-10 minutes out of your online experience and update
your billing records, you will not run into any future problems with eBay's online service.
However, failure to update your records will result in account termination.
Please update your records in maximum 72 hours.
Once you have updated your account records, your eBay session will not be
interrupted and will continue as normal. Failure to update will result in
cancellation of service, Terms of Service (TOS) violations or future billing
problems.
Please click here to update your billing records.
Please Note - If your account informations are not updated within the next 72 hours, then we will assume this account is fraudulent and will be cancelled. We apologize for this inconvenience, but the purpose of this verification is to ensure that your eBay account has not been fraudulently used.
We appreciate your support and understating, as we work together to keep eBay a safe place to trade.
Thank you for your patience in this matter.
Regards, Safeharbor Department (Trust and Safety Department)
eBay Inc.
Please do not reply to this e-mail as this is only a notification message.
Copyright 2005 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
eBay and the eBay logo are trademarks of eBay Inc. is located at Hamilton Avenue, San Jose, CA 95125
The link they've provided was http:// 211.105.222.71 /[and standard eBay login path]. Now this is not eBay's server IP, and eBay won't send you an email like that anyway.
Upon checking on that IP (211.105.222.71) it was registered for the following place:
211.104.0.0 - 211.119.255.255
KRNIC
Korea Network Information Center
Host Master
11F, KTF B/D, 1321-11, Seocho2-Dong, Seocho-Gu,
Seoul, Korea, 137-857
+82-2-2186-4500
+82-2-2186-4496
hostmaster@nic.or.kr
Now I don't need to remind you why people in Korea are so grateful to the Americans and keep spamming them. Make sure you don't click on any email from eBay and instead simply go to www.ebay.com[/URL] go to My Messages and see if eBay had something to say to you. This email has been reported to eBay. However I won't send email to [email]hostmaster@nic.or.kr[/email] for two reasons: 1) I don't think it would matter and 2) he might be involved himself, and sending an email will only confirm my email address being valid in their spam lists. Dont make same mistakes.
Last edited by a moderator: