New Spoof Technique


 sanmar
 
posted on April 2, 2006 12:54:47 PM new
Today I have received 3 emails supposedly from a potential buyer through eBay messages. When I went into My Ebay & clicked on Messages, they were not there. Also the item numbers were outdated & were never in my auctions. This is a good reminder to always check with eBay before answering any of these.

Life Is Too Short To Drink Bad Wine
[ edited by sanmar on Apr 2, 2006 05:05 PM ]
 
 northwoodsguy
 
posted on April 2, 2006 01:13:42 PM new
NEVER answer inquiries from potential buyers through Outlook Express or any other e-mail program for that matter. ALWAYS log on to eBay, click on "My eBay," and check to see if the inquiry from a potential buyer is there in "My Messages." It's legitimate if it's there in "My Messages."

I learned this the hard way....last Fall, I received an "Ask Seller a Question" e-mail from a "buyer" which asked if I shipped to London. I answered directly from the e-mail in Outlook Express, and said yes, I have had a number of winning bidders in London and elsewhere in the U.K., which item interests you? As I sent the message, I realized it was going to a web site in Spain, and I immediately realized that this was a phishing scam.....I had previously typed in my eBay password before I started to answer the so-called buyer. As soon as I realized my mistake, I immediately changed my password on eBay.

Greg

 
 photosensitive
 
posted on April 2, 2006 01:26:11 PM new
And on the subject of spoofs... I read an article on Cnet News this morning that opened up a possibility for phishing I had not considered. You can be on the real eBay website and when you click on a listing it can run a script that takes you to a spoof site where you are asked to sign in again. The only clue is the address line which is often confusing on eBay.


-----o----o----o----o----o----o----o----o
“The illiterate of the future will be the person ignorant of the use of the camera as well as of the pen.”
Moholy-Nagy, Vision in Motion, 1947
 
 mikes4x4andtruckrepair
 
posted on April 2, 2006 01:56:55 PM new
That's why I always tell people to use ebay's toolbar. If by chance you ever do get redirected to a spoof PayPal or eBay site it alerts you with a big red flashing popup. It also warns you anytime you enter your ebay or paypal user ID and password in a non eBay and PayPal site. Very nice little tool for those people who tend to get suckered by phishers. Not to mention I like the little popup (that works offline) to alert you that an auction you are watching is about to end. It has saved me from missing an auction many times.


Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. - Albert Einstein
 
 agate18
 
posted on April 2, 2006 04:07:52 PM new
Mike, I was told that the ebay tool bar was nothing more than a spy mechanism. That is why I have not installed it. How have you found it to be? Do you recommend it?

 
 glassgrl
 
posted on April 2, 2006 04:20:02 PM new
I still don't want the Ebay toolbar. Considering that Ebay makes big $$$ from selling what we search for and how we search for it, I don't want to make it any easier for them. From my past experiences with Ebay cookies they have done more harm than good.

But then some people don't worry about such things as cookies. Some people even like incredimail.

"The following is a quote from Patrick Kolla, the developer of Spybot S&D.

It's verified now that the eBay toolbar is violating eBay's own Privacy Policy. According to eBay's Privacy Policy, Appendix 2, stuff like IPs etc. is given to Advertisers only in a non-personal manner, to External Service Providers only with given permission (which is not asked for in the toolbar license agreement) or upon direct contact (which the user doesn't know anything about).

[During testing] The toolbar contacts both MediaPlex (adfarm.mediaplex.com) and DoubleClick (ad.doubleclick.net), using at least the first as a page relocator. That means this relocator page at MediaPlex receives the whole URL that the toolbar calls. It receives all search terms, and in the POST (formular) data of the HTML header it will also receive any formular data you enter or that is transmitted automatically.

The mediaplex relocator also contains some long number that could be a GUID [Editor: A GUID is a Globally Unique Identifier].

The least thing those two advertisers could monitor is the keywords you search for on ebay; MediaPlex is using their cookie for the toolbar, so they can track you very easy.

The worst thing that is - theoretically, not proven - possible would be much more access to your ebay account, including information about everything you bought or sold, for example."

 
 glassgrl
 
posted on April 2, 2006 04:22:42 PM new
LOL I like how they signed off so quick.

http://forums.ebay.com/db2/thread.jspa?threadID=410037680



 
 mikes4x4andtruckrepair
 
posted on April 2, 2006 04:37:44 PM new
glassgrl - If you check that is an OLD version of the ebay tool bar. Those posts were from back in 2004 and was when they released the first version of it. It may have had some bugs back then.

I have it, I use it and I love it. Have never at any time had any problem with it at all (God, it can't be an ebay program then). However the way I have security set up on my computers the program only has limited access to the internet. Basically I only allow it to refresh the listings it monitors for me and nothing else.


Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. - Albert Einstein
 
 glassgrl
 
posted on April 2, 2006 05:12:57 PM new
hmmm. do you run spybot mike?

 
 mikes4x4andtruckrepair
 
posted on April 2, 2006 05:29:37 PM new
Yes, spybot is one of the security programs I run on my computers.
Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. - Albert Einstein
 
 glassgrl
 
posted on April 2, 2006 05:51:19 PM new
ok I will say this. for the average user that is not worried about cookies - the Ebay toolbar might be a "good thing" (to paraphrase Martha Stewart) IF it keeps you from going to a spoof Ebay or PayPal site.

BUT who knows when the scammers scumbugs will figure out how to circumvent that?!




 
 glassgrl
 
posted on April 2, 2006 06:30:09 PM new
well Mike I emailed Patrick at SpyBot and asked his opinion. I'll let you know. According to their webpage from 2003 here's what it says:

"Threats - Search

eBayToolbar 2003-05-03 17:32:16
Company
Aliases
URLs Website (http://www.ebay.com/)
Product (http://www.ebay.com/ebay_toolbar/)

Functionality
Description According to http://pages.ebay.com/help/community/privacy-appendix2.html, information to advertisers (including even IP, viewed pages, etc.) is given only in non-personal identifiable version; and to external service providers only with your agreement. But this toolbar uses adfarm.mediaplex.com as a relocator when you click on 'My eBay' or do a search. A possible GUID is also transmitted to the relocator (MediaPlex) server. Your typed keywords are sometimes also transmitted to DoubleClick. In combination with tracking cookies (something MediaPlex and DoubleClick are known for) this would allow MediaPlex and DoubleClick to track you. eBay is not interested in giving any statement about this, which raises further suspicions.
Privacy The eBay Toolbar is designed to be used in conjunction with the eBay site. Accordingly, your use of eBay Toolbar is also defined by the eBay User Agreement and Privacy Policy."

I DO see where it's dated 2003 so I asked him if there was any further information on it.



 
 glassgrl
 
posted on April 2, 2006 06:36:12 PM new
BTW photo that was a VERY interesting article on Cnet.

For those of you who don't like links:

Phishers set hidden traps on eBay

By Joris Evers
http://news.com.com/Phishers+set+hidden+traps+on+eBay/2100-7349_3-6056687.html

Story last modified Fri Mar 31 17:01:23 PST 2006

Click on an eBay auction listing, and you could get an unwanted result: a fake eBay login page, created by scammers looking to pilfer your username and password.
With about 181 million users worldwide, eBay is arguably the world's most popular online marketplace. As such, the San Jose, Calif., company, with its online payment unit PayPal, is among the biggest targets for online scammers--including phishers.

Phishing scams use forged Web sites that look like legitimate sites in an attempt to dupe Internet users into giving up sensitive data, such as usernames, passwords and credit card details. Cybercrooks typically use spam e-mail to lure people to their Web traps. But on eBay, they also take advantage of the auction listings on the site itself.

Some of the scams run on the auction Web site are almost invisible to the untrained eye. eBay lets sellers customize their auction pages using Web programming techniques and automated tools. However, attackers are abusing this freedom to build auction pages that include a rigged listing. When potential customers click on the link, it sends them to a phishing site.

eBay is aware of such abuse of its service for trickery by cybercrooks, Catherine England, an eBay spokeswoman, said Friday.

"Our sellers really use the dynamic content aspect of our listings," she said. "The benefits overwhelmingly outweigh the red skin that we have gotten."

The page users are redirected to what appears to be an eBay login page, but is in fact a copy stored elsewhere--a classic phishing scam. "This page looks just like the eBay login page, only the Web address is different," Cahill wrote. The bad listings are usually for really appealing items or related to adult entertainment, he wrote.

eBay lists about 78 million items at any given time, and 6 million items are added daily, England said. The company has methods in place to fight fraud and employs about 1,000 people whose fulltime job it is to keep the marketplace safe. But sometimes a page with malicious code does get onto its Web site, she added.

"By the time something gets up there, we're usually so quick to get it and pull it down that it is really a moot point," she said. "We feel that it is not a huge concern or issue--it is minuscule."

Online fraudsters have targeted eBay and PayPal for years using a variety of techniques, including listing design abuse, England said. "This tactic for phishers has been around for a long time," she said.

Despite industry efforts, phishing is still on the rise, and experts predict that scams will become increasingly sophisticated. A record 9,715 phishing Web sites were spotted in January, according to the Anti-Phishing Working Group.

eBay offers a browser toolbar to help protect customers against fake copies of its Web sites. The company also provides extensive security information on its Web site, including a "spoof tutorial."


 
 mikes4x4andtruckrepair
 
posted on April 2, 2006 06:55:12 PM new
glassgrl - I read the description above and in Bold is the part that is relevant. I never click on anything in the ebay toolbar. I only let it monitor my auction watch list (for the 10 minute ending warning) and use the spoof site identification function.

Description According to http://pages.ebay.com/help/community/privacy-appendix2.html, information to advertisers (including even IP, viewed pages, etc.) is given only in non-personal identifiable version; and to external service providers only with your agreement. But this toolbar uses adfarm.mediaplex.com as a relocator when you click on 'My eBay' or do a search. A possible GUID is also transmitted to the relocator (MediaPlex) server. Your typed keywords are sometimes also transmitted to DoubleClick. In combination with tracking cookies (something MediaPlex and DoubleClick are known for) this would allow MediaPlex and DoubleClick to track you. eBay is not interested in giving any statement about this, which raises further suspicions.


Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. - Albert Einstein
 
 glassgrl
 
posted on April 2, 2006 07:01:52 PM new
ok mikeylikes it (just kidding) - tell me if your Ebay toolbar WAH WAH goes off on this link:

https://www.paypal.com/us/prp/id=SIyb8ENl4HHoMJ3WiXfkXFJ0UOO7DY7NZamnMQ

spoof or not?

 
 sparkz
 
posted on April 2, 2006 07:11:29 PM new
The latest version of Spybot S&D along with their most recent updates still show the Ebay Toolbar as being common spyware. I sure as hell would not trust a company (Ebay) that makes and distributes spyware (Toolbar) to try to keep me safe from a phishing site. Even if Ebay's intentions with Toolbar were honorable, the mere fact that it is installed is an invitation for a third party scammer to utilize it.


If Murphy's law is correct, everything East of the San Andreas Fault will slide into the Atlantic
 
 mikes4x4andtruckrepair
 
posted on April 2, 2006 07:50:32 PM new
glassgrl - Sorry, I don't click on links like that. Security starts with not clicking links and the programs are just to help you in the event you make the mistake of doing it anyhow. But I can tell you it would not go off since it is a real PayPal link. If you right click and check properties it is clear that it is a www.paypal.com address and not a redirect.


Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. - Albert Einstein
 
 glassgrl
 
posted on April 2, 2006 08:06:42 PM new
right Mike. That's my 2004 Paypal email I got yesterday. so now we don't know if the Ebay toolbar is "valid" or not? I didn't give you my password to log in - and since I already had to open the email (html turned OFF in Outlook) in order to forward it on - any information gained has been passed on.

It's not a legitimate email. Although PayPal never responded to my spoof@PayPal email I sent them.

-----------------------------------
Money Request Details
-----------------------------------

Amount: $17.25 USD

Subject:Refund from your Non-Existent PP account

Note:YOU WILL HAVE TO REFUND WHAT I'VE ALREADY PAID YOU BEFORE I CAN SEND A MO. YOU SAID YOU DON'T ACCEPT PP YET MY PAYMENT TO YOU WENT THROUGH AND IS CONSIDERED COMPLETED ACCORDING TO PP. eBay Payment Sent (ID # 0U9468578E14680M) Total Amount -$17.25 USD Date: Dec 11, 2004 Time 16:24 PST ***Status: Completed*** Shipping & Handling via Standard Delivery $7.00 USD Shipping Insurance $1.30 USD Payment To: waynel lucas Seller's ID: 1sonnnyone Seller's Email: [email protected]

To view updated details of this Money Request, click on the following link or copy and paste the link into your web browser:

https://www.paypal.com/us/prp/id=SIyb8ENl4HHoMJ3WiXfkXFJ0UOO7DY7NZamnMQ

Thank you for using PayPal!
The PayPal Team

 
 agate18
 
posted on April 2, 2006 08:25:16 PM new
I think I will not install the ebay toolbar. Sounds like too many negative points.

 
 agitprop
 
posted on April 2, 2006 09:12:39 PM new
Any alert person will not be fooled by most phishing attempts. FireFox shows the url as a fake as does Eudora. Intelligence is the best defence! (unless you're the CIA or another TLA)

Home of the best eBay auction fee & PayPal calculators: http://auctionfeecalculator.com
 
 irked
 
posted on April 2, 2006 10:08:08 PM new
glass girl, that url in that phishing email you got can look like a real Paypal url but IF you hover over the link and look down at the left lower corner of your email client (in Outlook express) it may show another url like http://843.485. blabla --maybe a name different numbers or anything that is your big tip off, not the showing in email url. They can be totally different stated right in email but the actual url is different. They coded it that way.

I had ebay toolbar once and I let spybot s&d get rid of it. I too never click links in emails.

What worries me is the scripts on ebay pages that can do us in. Think they need to stop them. I do know you can't or are not supposed to put scripts in your auctions, but I have come across a few auctions that have a popup login for a website, now that is weird. I always report a weird acting auction but they are getting clever.
**************

Some minds are like concrete,
thoroughly mixed up and permanently set.
 
 sparkz
 
posted on April 2, 2006 10:38:07 PM new
Ebay never had a problem with auction formats when they prohibited Java. Once they started allowing it, it didn't take programmers long to devise abuses. The other thing you have to beware of is keylogging trojans hidden in images in auctions. Anyone who visits the Ebay site without a good AV program plus a good spyware program installed is at risk of being infected. Once the WSJ picks up on the latest java redirects and a couple other news outlets toss it around Wall Street, you can expect Java to be outlawed again on Ebay listings. That's going to result in a lot of unusable templates for sellers.


If Murphy's law is correct, everything East of the San Andreas Fault will slide into the Atlantic
 
 agitprop
 
posted on April 3, 2006 03:31:49 AM new
sparkz wrote: Ebay never had a problem with auction formats when they prohibited Java.

I think you have Java confused with Javascript (or ECMAScript to be correct). Java comes in (coffee) cups or is commonly seen on computers as applets or Flash animations.

The other thing you have to beware of is keylogging trojans hidden in images in auctions. Anyone who visits the Ebay site without a good AV program plus a good spyware program installed is at risk of being infected.

Only a problem with insecure OSs - doesn't affect Linux, Mac OS, Unix, and other secure OSs... same goes for virii.
 
 NearTheSea
 
posted on April 3, 2006 04:47:57 PM new
I'm glad I read here. Kinda scared me, when I received an email 'Question for eBay Member'

saying I need to pay for a toolbox, or he'll 'get ebay to suspend me'

Here's what he wrote, and the eBay user name is real

Hello,
You are the winning bidder of this auction (4400230457) at you last bid. I tried to contact you but you did not respond me, what happend ?!? I only accept paypal. Hope you will reply me ... if not, i will contact eBay to tell them how you are dealing this transaction and ask them to suspend your user because i am trying for 3 days to contact you and no response.
will wait your response ASAP
tropicalknight3 C.M.



The whole email looks to be from eBay. I just moused over the links, and they are for some signin but I don't think it's ebay's.

But I will forward it to spoof or whoever runs the shop at ebay.


 
 glassgrl
 
posted on April 3, 2006 06:22:39 PM new
if you'll notice, my Ebay bidder whatever name is similar but not an exact Ebay name.
1sonnnyone
there is a 1sonnyone (with 2 nn's but not 3 even under similar names)

funny - I didn't get Firefox showing that as a phony address - as a matter of fact it said it was signed and verified as a legitimate Paypal address. I don't have Eudora.

when I click on the lock on the bottom of the right hand of Firefox it shows as below (captured screen shots)

Hovering shows the exact same Url.








 
 glassgrl
 
posted on April 4, 2006 06:19:40 AM new
Finally heard from PayPal.

***********************************************************************

Please do not reply to this email. Email sent to this address will not
be answered.
***********************************************************************

Dear glassgrl,

Thank you for bringing this incident of suspicious activity to our
attention. PayPal will investigate this activity immediately and contact
you further if any additional information is required. We appreciate
your concern and thank you for making PayPal the most trusted online
payment service.

Sincerely,

PayPal, Inc.

This email is sent to you by the contracting entity to your User
Agreement, either PayPal Inc or PayPal (Europe) Limited. PayPal(Europe)
Limited is authorised and regulated by the Financial Services Authority
in the UK as an electronic money institution.
***********************************************************************
PayPal and its representatives will NEVER ask you to reveal your
password. There are NO EXCEPTIONS to this policy. If anyone claiming to
work for PayPal asks for your password under any circumstances, by email
or by phone, please refuse and immediately contact us via webform at
https://www.paypal.com/wf/f=sa_pass.

 
 

All content © 1998-2026  Vendio all rights reserved. Vendio Services, Inc.™, Simply Powerful eCommerce, Smart Services for Smart Sellers, Buy Anywhere. Sell Anywhere. Start Here.™ and The Complete Auction Management Solution™ are trademarks of Vendio. Auction slogans and artwork are copyrights © of their respective owners. Vendio accepts no liability for the views or information presented here.
