geeky · personal

almost killed by fraud

OMG, this is the closest i ever come to having lost my life.

i’m so scared now i think the entire process over.

two days ago, i got this email from aw-confirm@ebay.com
———————
Dear eBay User,

To protect the security of your account, eBay employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the eBay system for unusual activity.

We recently have determined that different computers have logged onto your eBay account, and multiple password failures were present. We now need you to re-confirm your account information to us. If this is not completed we will be forced to suspend your account , as it may have been used for fraudulent purposes. We thank you for your cooperation in this manner. If the account information is not updated to current information within 5 days then, your access to bid or buy on eBay will be restricted.

go to this link below:

http://www.iebayi.net/memb/avncenter/BayISAPI.dll/6vxcvv5v565&f65f6f=5765w809022v……..geName=hUS.html NOT POSTED FOR YOUR PROTECTION

Thank you for your prompt attention to this matter. Please understand that this is a security measure meant to help protect you and your account.

We apologize for any inconvenience.

If you choose to ignore our request, you leave us no choise but to temporaly suspend your account.

Thank you,
eBay © Accounts Managent

As outlined in our User Agreement, eBay will periodically send you information about site changes and enhancements. Visit our Privacy Policy and User Agreement if you have any questions.
———————
These are the information the form asks: (screenshot of the form 1) (screenshot of the form 2)

Section 1
Name (from credit card statements)
Address (from credit card statements)
City
State
Zip/postal Code
Country
Phone Number
Credit Card Number
(e.g. 1234 5678 1234 0000 for Visa)
Expiration Date
Bank Name
Account Number
Checking Account Number
Bank Routing Number
Credit Card Verification (CVV) Number
Bank Phone Number
Birth Date(DD/MM/YY)
Mother’s Maiden Name
Social Security Number

Section 2
Email
eBay ID
eBay Password
Paypal Password

I was going to fill out the form but I didn’t have anything that would indicate my bank account number so I thought I’d get a check from home and do it today.

And today I’ve already filled out the entire form and was ready to submit but all the sudden I remembered getting email from ebay saying they will never ever ask for our account password. Then I noticed the url is not from http://www.ebay.com.

I then talked to a live representative on ebay who asked me to forward the email to spoof@ebay.com.

This is the reply I got about 2 seconds later:
———————
Hello,

Thank you for writing to eBay regarding the email you received.

Emails such as this, commonly referred to as “spoof” or “phished” messages, are sent in an attempt to collect sensitive personal or financial information from the recipients.

The email you reported was not sent by eBay. We have reported this email to the appropriate authorities.

In the future, be very cautious of any email that asks you to submit information such as your credit card numbers or passwords. If you are ever concerned about an email you receive from eBay, simply follow these steps:

1. Open a new Web browser and type http://www.ebay.com into your browser address field to go directly to the eBay site.

2. On eBay, click on the “My eBay” link at the top of the page and sign into your account.

3. Check the “My Messages” link located on the left side of the My eBay page. If an email affects your eBay account, it’s now in “My Messages.” Any email sent to your registered eBay email address from eBay or from another eBay member via eBay’s member-to-member communication system will also appear in “My Messages.”

Just remember, if you get an email regarding a problem with your account or that is requesting personal information, and the email looks like it is from eBay, please check My Messages first. If it’s not there, it’s a fake email.

If you still have any doubt about whether an email message is from eBay, please forward it to spoof@ebay.com immediately. Do not respond to it or click any of the links. Do not remove the original subject line or change the email in any way when you forward it to eBay.

If you have already entered sensitive personal information, financial information, or your password into a Web site based on a request from a spoofed email, you should take immediate action to protect your identity and all of your online accounts. We have developed an eBay Help page with valuable information regarding the steps you should take to protect yourself.

http://pages.ebay.com/help/tp/isgw-account-theft-reporting.html

To review eBay’s new tutorial about Spoof Emails, please see the following Web page:

http://pages.ebay.com/education/spooftutorial/

To help you better protect yourself from fake eBay and PayPal Web sites, we have developed a feature for the eBay Toolbar called “Account Guard.” Account Guard includes an indicator of when you are on an eBay or PayPal Web site or a known spoof (or “phishing”) site, buttons to report fake eBay Web sites, and a password notification feature that warns you when you may be entering your eBay password on an unverified site.

To learn more about the eBay Toolbar with Account Guard, please go to http://www.ebay.com, click on “Downloads” at the bottom of the page, and then click on the “eBay Toolbar” link.

We also recommend that you keep your browser, operating system, and virus protection software up to date. Check for updates at the “Windows Update” link on http://www.microsoft.com and scan your computer for viruses often.

Once again, thank you for alerting us to the spoof email you received. Your efforts help keep eBay a safe and fair place to trade.

Regards,

Ande
eBay SafeHarbor
Investigations Team
———————

Yes I do feel very stupid but I’ve been so used to giving out credit card information online for shopping purpose, I don’t think too much of it. If the spoof weren’t too greedy and wanted my passwords too I just might give it to them. OMG, that’s so fucking scary! My heart won’t stop pounding now I’m sober and thought over what if…..

Please learn from my experience and do not trust everything you get in your email!

I’m going to read all the tips ebay provides.

18 thoughts on “almost killed by fraud

  1. I had that happen to me this summer. But, I was unable to access the link at that time I hadn’t confirmed my account which a registered back in January to get some textbooks.

  2. wah…a good thing you remembered in time. Be wary about giving so much info about yourself,esp when it comes to paypal and credit cards. Always check the url.

  3. I almost fell for this trick the first time as well. I’ve received numerous e-mails from eBay just like yours. When I get eBay e-mails, I usually ignore the ones that ask or refer about my account. I’m glad to hear that you talked with eBay about this issue. 🙂

  4. wow that’s terrible, good thing you didn’t submit your information. i noticed that they spelled “temporarily” incorrectly — (temporaly) :down:

  5. I received that too but it felt strange OMG and also…i don’t have an eBay account yuck, so I forwarded everything to eBay and they sent me the same answer….I was so mad aboutt it! :yell:

  6. Now worries! I almost klicked on a spoof e-mail link as well, but didn’t trust it in the end. From than on I always forward supicious e-mail to spoof@ebay.com. It’s a good thing your pointed this out! I’m glad you didn’t submit the form (;;^_^)

  7. I received an e-mail like that too! I was going to click around, but I decided not to because I thought it would be a fake. So lucky that you didn’t fill it out though, that would have been so crazy.

  8. Ohh, that IS scary! I keep getting emails from ‘PayPal’ and they keep asking me to update my account and stuff and I know right away it’s not them. I’ve never fallen for it. I always look at the URL, even though sometimes it’s SO close to being paypal. It usually says like user.paypal.com/cgi-bin/blahblahblah… so the user part looks like it’s PayPal but it doesn’t. I would advise everyone to read the PayPal tips and Ebay stuff too. Just to be safe.

    You are so lucky that you didn’t give it all out! Man, that would be soo scary! Glad you’re ok though! *hugs*

  9. Holy Crap. It’s funny, the first thing I noticed reading the email was the web address wasn’t ebay.com it was iebayi I’m so happy you didn’t turn in that info, it’s amazing how they can do stuff like this.. and horrible, I hope they take the site they are doing this from off… the iebayi site… anyway, I’m so glad you didn’t do it! That would have flipped me out too.

  10. What a mofo. I don’t evet trust anyone with emails like that, but I guess you do have an eBay account, if I’m right. I remember I got a bogus from Paypal once as well. I hope everything is ok and that little punk recieves his karma.

    -Anna

  11. I’m always surprised at how many people fall for those scams. It’s because you’re stupid, please don’t think that, it’s very clever how they do it. But as an IT Professional, it’s my job to keep on top of these security issues and I often forget that your average internet user simply doesn’t have that knowledge.

    I’m pleased that you didn’t fall for it. Hope your heart slows back down to normal again soon.

    BTW, before I go.. I’m a tech admin for your ISP and was just wondering if you could confirm your wordpress username and password for me please 🙂

  12. I get so many of these fake emails from paypal and ebay I don’t even know what to do with them lol. I know what you mean though I’ve almost fallen for it a few times when I wasn’t really paying attention. Now I get so many that I figure if ebay is going to really close my account they can go ahead I’ll just sign up again. I just throw everything away that hasn’t been blocked by my email already. Unless of course its something to do with something I just bought. Then of course I’m ready for it 🙂

  13. Be careful forwarding these emails on. Hit copy and paste and NOT the forward button. I got one today from paypal and it corrupted the computers’ system (on two computers). I couldn’t access anything, even the reboot went straight to the ctrl alt delete screen.
    Managed to get back up using the windows disk but the other computer still has issues even after two system restores.
    I let paypal know so they stop asking for the email to be forwarded – hopefully.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s