I've just been successfully phished, do'h!

[Vini]

Well in all my time on the internet (~12 years), I've never been taken advantage of.

Until now. Gutted...

Luckily i noticed and logged into the real ebay and changed my pw. I have been pondering changing my password accross the board recently anyway, so maybe I will do that now. It's a bit of a coincidence as I am actually -probably- due an unpaid item strike, despite trying to sort it with the seller.

eBay Unpaid Item Strike Received: #6787143731

You have received an Unpaid Item strike
You were the winning buyer on eBay item #6787143731 .The seller, has informed eBay that payment for the item has still not been received, or that the two of you were not able to come to agreement. As a result, you have received an Unpaid Item strike.

Remember, Unpaid Item strikes may result in your suspension from eBay.

You can appeal this Unpaid Item strike if you believe it is not deserved. First, read the requirements for appealing the strike. If you meet them, you can submit your appeal on that page. If your appeal is successful the strike will be removed.

If you have recently paid for the item number listed below or do you feel it to be a mistake, you must Remove the Unpaid Item Strike Now.


Regards,
The eBay Team

The domain was _http://signin.ebay.com.cgi3-ws1.info/e8ayISAPI.php?SignIn&ssPageName=h:h:sin:US and it kind of threw me as I know email sometimes use subdomains like cgi3.ebay.com etc... The erroneous 8 should have given it away.

Maybe the week's catching up on me.

At least I noticed.

[bad boy]

sorry to hear that m8

[Zak33]

my missus Sair fell for summit similar 2 years ago

Just started ebaying, got 20 sales under her belt and "Would you like to be a power seller?" email arrived. Damn right.....lets get that logo on our name!"

Log in.....applied.

3 days later....credit card is getting raped!

[directhex]

what mail client are you using? thunderbird warns about most simple url spoofing tricks

and installing google toolbar on firefox is also useful, as it adds reasonable anti-phishing

[slugs]

thanks for the heads up. ive got the same email in my inbox. its in my todo list. it would of waited until i got home i guess. and then i would of relised it was rogue

we have to use ie at work

[jimborae]

Yeah my ebay account was hijacked too about 2 months ago, luckily I noticed the day after it happened. Somebody was trying to sell a £500 camera under my name.

These were th only details I could get:

isp host :sjclb95-map7.sjc.ebay.com
centrino1770@hotmail.com

I did get hotmail to close his account too I still don't understand how they hijacked my account as I certainly wasn't phished, I never reply to emails from ebay, paypal etc. Admittedly my original ebay password wasn't that strong so maybe they did a brute force attack on it but it seems like a lot effort for not much of a result.

[XA04]

Funnily enough I just got a new spam email (that I haven't seen before), which managed to get into my inbox and aparently came from eBay... it looked like it was a private message from through eBay (some user was asking how much I was selling an item for), and the respond button linked to a none ebay site.

[Vini]

i use Zone Alarm, Firefox and Outlook 2003. Normally theyre flagged as 'possible spam' and the links are 'fixed' however, this got through.

[kalniel]

Tough luck, but well done for doing something about it in time.

Whenever I get emails like this (inc from banks, utilities etc.) I always make sure to start a fresh browser and manually type in the root address of the website. If I was being really paranoid I'd clear out cookies before doing so incase there was any redirecting malaware in there.

[MSIC]

Well done for noticing mate.
I see phishing as the worst thing that's around at the moment - I tend to 'support' about 10 computers (all on a 'friends & family' basis, no payment LOL) and make sure that they all have firewalls, anti-virus, run spyware checks, update windows etc etc etc all on a regular basis; the one thing i can't prevent is them falling for things like this and it scares me (especially my mum who has a large bank account and seemingly very little awareness of this sort of thing).

I even nearly fell for a phishing scam myself, and have been on the internet for about as long as you have.... mine said that someone had tried to spend a large sum of money and they had noticed a problem. I was advised to confirm their suspicion that it was not true, and of course my immediate feeling was "thank god someone notcied a problem, let's sort this out". Of course, the alert was the scam, and the link was to an ebay-looking site etc. Thankfully i stopped myself before entering passwords etc.

All i can say is - remember that they really are out there trying to get you! Lock your doors, hammer wood across your windows and shelter under the table!! Seriously though, we all just need to keep reminding ourselves of **** like this and not get complacent in our ideas of being 'too clever for that sort of thing to get me'.

[Howard]

Originally Posted by XA04

Funnily enough I just got a new spam email (that I haven't seen before), which managed to get into my inbox and aparently came from eBay... it looked like it was a private message from through eBay (some user was asking how much I was selling an item for), and the respond button linked to a none ebay site.

I get loads of those, aparantly I've been buying and selling carpets, baseball cards, all sorts of rubbish. A swift delete is all that's needed

[Sair33]

I've had quite a few spoof emails too (in addition to the first one ). Mainly they have been complaints about an item from someone I allegedly sold something too.

Apparently you can tell the difference in an email... a genuine Ebay email will have your full name and log-in name at the top, whereas the spoof emails have your email address at the top...

Safest thing is never to enter ebay via an email though really!

[ACiD303]

Mainly they have been complaints about an item from someone I allegedly sold something too.

yeah, I got one of these the other day - went straight to straight to spambox - some guy wanted a refund off some baseball cards I "sold" him and one of them was in unacceptable condition . . . didn't even think it was anything suspicious but I just deleted it anyway.

[Waka]

The buggers are getting more clever.
I nearly got caught by a *very* clever one on ebay the other week.

I was searching for cars and a bunch of results came up each with thumbnails. I clicked on one of the thumbnails and it took me to a very convincing looking ebay login page! I very nearly logged in when I noticed the url - bloody clever though.

W.

[shelley bda]

Originally Posted by Sair

I've had quite a few spoof emails too (in addition to the first one ). Mainly they have been complaints about an item from someone I allegedly sold something too.

Apparently you can tell the difference in an email... a genuine Ebay email will have your full name and log-in name at the top, whereas the spoof emails have your email address at the top...

Safest thing is never to enter ebay via an email though really!

I used to get them even though I've never had an account with Ebay, used to get a couple a week until I emailed Ebay and asked them what the hell was going on, why was I getting these emails when I don't even have an account with Ebay, the emails i'm glad to say have stopped.

Barclays bank was another one until I also emailed them and asked what the hell was going on, the People that seek to rip off others are nothing but Vermin in my opinion

[Funkstar]

i get a lot of Bank of Scotland ones these days. Really should forward them onto their anti fraud devision, but Outlook filters them out and i just delete the lot when i can be bothered.