Sunday, August 08, 2004

FTC National Resource for ID Theft: your account at eBay has been suspended

Federal Trade Commission - Your National Resource for ID Theft
If you ever complete any of these "phishing" emails, like the one I describe below, you'll need this link! Here's some background for those who've never bothered to investigate these scams.

I get at least 10 "contact eBay urgently" messages every week. If nothing else, the scum sucking scammers sending the messages are really hurting eBay's ability to reach their customers.

Today, on a whim, I decided to follow the link in one of those messages. I run Safari on OS X, so I wasn't that worried about viruses and browser hijacking.

This was the message. It looked reasonably genuine, only one grammatical error suggested the author was not a native english speaker:
Dear eBay User,

We regret to inform you, that we had to block your eBay account because we have been notified that your account may have been compromised by outside parties.

Our terms and conditions you agreed to state that your account must always be under your control or those you designate at all times. We have noticed some activity related to your account that indicates that other parties may have access and or control of your information in your account.

Please be aware that until we can verify your identity no further access to your account will be allowed. As a result,Your access to bid or buy on eBay has been restricted. To start using your eBay account fully, Please uptake and verify your information by clicking below

http://signin.ebay.com/aw-cgi/eBayISAPI.dll?Verify

Regards,

eBay Member Service

**Please Do Not Reply To This E-mail As You Will Not Receive A Response**
In the message I received clicking on the link doesn't go to eBay at all, it goes here:

http://signin_ebay_com_account.pornosin.com:7308/ebay.htm

There I completed an extensive and astounding form that requested everything anyone could steal. My SSN, eBay passwords, bank account information, credit card numbers, mother's maiden name, etc. I filled it full of nonsense. I suppose one way to hurt these scum would be to create a software program that would complete these forms with meaningless data that would be costly for the scammers to verify. It would raise their cost of operation. If I were eBay, that's what I'd be doing to fight back.

BTW, here's the whois entry for pornosim:
Domain Name: PORNOSIM.COM
Registrar: NAMESDIRECT.COM, INC.
Whois Server: whois.namesdirect.com
Referral URL: http://www.namesdirect.com
Name Server: No nameserver
Status: ACTIVE
Updated Date: 09-apr-2004
Creation Date: 09-apr-2004
Expiration Date: 09-apr-2005
It was apparently created in April of 2004, I suspect it will only be transiently active.

No comments: