I posted this about 30 minutes ago on the Model Railroad forum. After reading the first 2 replies to it I thought it should also be posted here to help anyone who might have received bogus emails from “EBay”.
Like many of you here on the forums I occasionally “bid” on some models (or other things) on EBay. The last time I bid on anything was over a month ago. However, yesterday I received an email “From EBay”, or so it said it was from EBay. I was very suspicious of the email, read it several times, and just didn’t think it was really from EBay. I reported it to their fraud and security team. I also received an email from the security people that the email WAS NOT from EBay. They are now checking into it origin.
So just a warning to those bidding on EBay to be careful about emails received from EBay that are sent out that might not be from EBay. I had not bid on anything lately, so if an email shows up “out of the blue” you might want to be very careful with it and check it out. The internet is full of those wanting to take financial advantage (or worse) of people so do be careful.
I sincerely hope this warning gives you all a “heads up” to be very watchful about what you receive in the email. Don’t be a victim of false emails.
Those kind of fake emails are called “phishing”. The term is derrived from the purpose of the email, to ‘fish’ you for information. This is one of the new ways @$$holes are using to steal your identity. You did good in identifying the bogus email and reporting it.
Always be VERY aware when any site (no matter how authentic-looking) asks you for an “update” on any personal information.
We get those all the time, as my dad buys quite a few old Comics, the fifties stuff, a week, and I buy a modle or two a month. We never bother wiht any of them. The only stuff we even pay attention to is either bidnotices or letters from people we’ve bought stuff from. you really do have to be careful, or you can get ripped off. I never reply directly to an e-mail, and never verify your account through e-mail.
I know that I have gotten several of these e-mails that saw something like “response from ebay seller”, but I knew that I hadn’t inquired on any auctions, so I looked into it and it was just an add or something. Whenever I get one now I just delete it automatically, unless I am actually expecting a response from someone.
I have also seen these types of e-mails purporting to come from AOL. They were also bogus. Wanted all sorts of info including social securithy number, birthdate, address, etc…
I get these all the time and tra***hem. Ebay states that they will NEVER ask you for account info. So be aware. I also have received similar emails from banks wanting me to verify account and password data. Even have gotten messages like this from banks I have never done business with. How dumb do they think we are?
I buy and sell a lot of old writing instruments on Ebay.
Ebay does not send notices or adds, anything you get, other than change of service notices from Ebay, are fake.
On occasion, sellers on Ebay, who have a Ebay store, will add you to their mailing list, and you get their adds.
Like Jim said, read anything you get very carefully.
Ebay itself does not “sell” anything other than it’s service.
I wrote this for my Yahoo! group a few months ago:
I’ve seen two attempts recently at making me visit a site for fear that
something bad will happen. “Your ebay ID will be suspended” or this last one:
“Your credit card will be billed at $22.95”
Since this is an email-group, you guys should be aware of a few give aways:
Body:
tucows.com (A legitimate site) doesn’t have my credit card to charge
Child porn is illegal, possesion of it is a serious crime. I’m sure
distribution carries a higher penalty.
Headers:
Look at the return-path. It doesn’t match the “From” address. While not
necessarily malicious, any corporation will either refer you to a web form or
provide a return address at least in the same domain. (After the @ sign)
Look at the “Received: from” line. The IP address doesn’t have a host name
associated with it. Any legitimate email provider will have a host name
associated with it.
Other tips:
–An IP address that will NEVER have an email message sent from it is 127.0.0.1.
Nor will any IP address with the first octect being higher or equal to
224.x.x.x
–Never enter any personal information such as passwords, address, credit card,
etc from an unsolicited email.
–Internet Explorer has a bug that allows addresses to be spoofed. The URL bar
shows a different URL than the one you’re on. I think there is a fix for it out
now. (arstechnica.com had a story on it.)
----Full message and full headers are as follows----
Return-Path: prl24u2@excite.com
Received: from frontend2.messagingengine.com (frontend2.internal [10.202.2.151])
by www.fastmail.fm (Cyrus v2.2.3) with LMTP; Thu, 04 Mar 2004 22:50:58
-0500
X-Sieve: CMU Sieve 2.2
X-Resolved-to: puckdropper@fastmail.fm
X-Delivered-to: puckdropper@fastmail.fm
X-Mail-from: prl24u2@excite.com
Received:
I posted a reply in the MR section above, but wanted to put in my two cents regarding Puckdropper’s Information.
A way to find IP addresses is by ARIN.net which controls a listing for all IP addresses in the North America area. I usually block all 127 loopback addresses and the class D and above from 224.0.0.0 to about 245.255.255.255 as these are not for “our” internet use yet.
Other countries in the world also have registrys for IP’s such as Ripe for Europe take note that these are general network information that is provided.
Take note that these registerys only provide general information and very specific information is withheld.
As I stated before I only use the email system to “complete” the transaction on eBay with the sellor. Any other email that is unknown to me gets reported to spam and deleted on sight.
My Norton Antivirus 2003 has successfully blocked trojans from getting into my computer off the email server several times this year.
Good luck everyone. Motto: update update and update again.
I get them to. Not only from ebay but a lot of places.
Everybody does need to be real careful. Not only on the internet but on the phone as well. You never know what could happen .