One way to have your eBay account Hijacked.

   / One way to have your eBay account Hijacked. #1  
J

Junkman

Super Member
Joined
Aug 15, 2002
Messages
7,386
Location
North East CT
Tractor
2003 Kubota BX-22
Below is an example of how people get their e bay account hijacked. I just got this e mail a couple of minutes ago. Many people would just follow the instructions and fill in the page as requested. After all, I'll bet that it does look just like an official eBay page when you go to it.

I did forward it to spoof@ebay.com

<font color="blue"> Dear eBay member


We recently noticed one or more attempts to log in to your eBay account from a
foreign IP address and we have reasons to believe that your account was hijacked
by a third party without your authorization.

If you recently accessed your account while traveling, the unusual log in attempts
may have been initiated by you.
However, if you are the rightful holder of the account, click on the link below,
fill the form and then submit as we try to verify your identity.

<font color="red"> This is the actual link, but I don't suggest that you try it. If you do, it is at your own risk and peril. </font>
http://cgi3.ebay.com//aw-cgi/eBayISAPI.dll?VerifyIdentity&ssPageName=eBayISAPIdentityXVERified2.html


The log in attempt was made from:
IP address: 205.188.209.166
ISP host: cache-dq04.proxy.aol.com


If you choose to ignore our request, you leave us no choice but to temporally suspend
your account.

We ask that you allow at least 72 hours for the case to be investigated and we
strongly recommend not to make any changes to your account in that time.

If you received this notice and you are not the authorized account
holder, please be aware that it is in violation of eBay policy to represent
oneself as another eBay user. Such action may also be in violation of
local, national, and/or international law. eBay is committed to assist
law enforcement with any inquires related to attempts to misappropriate
personal information with the intent to commit fraud or theft.
Information will be provided at the request of law enforcement agencies to
ensure that perpetrators are prosecuted to the fullest extent of the law.

*Please do not respond to this e-mail as your reply will not be received.

Thanks for your patience as we work together to protect your account.


Regards,

Safeharbor Department
eBay Inc.
</font>
 
   / One way to have your eBay account Hijacked. #2  
I especially like that "wait 72 hours" instruction. Just about enough time for a 3 day auction. /forums/images/graemlins/tongue.gif
 
   / One way to have your eBay account Hijacked. #3  
And I got this twice tonight

<font color="blue"> We are currently performing regular maintenance of our security measures.
Your account has been selected for this maintenance.

Please sign in twice. Once you signed in second time your ebay account will be automatically verified and updated.

Protecting the security of your eBay auction account is our primary concern,
and we apologize for any inconvenience this may cause.
Comments are welcomed!


Verify your identity

Your personal information will be verified instantly. All the data is protected by the industry standard SSL encryption. All information is required and is kept confidential in accordance with eBay's Privacy Policy.
</font>

And they wanted my email account name AND password
 
   / One way to have your eBay account Hijacked. #4  
I got two of these tonight also.

I left the form blank and then
clicked on the send button to see what would happen. The blank form went to a site and then transfered very quickly to the ebay signin page.

If you didn't know it was a scam and filled it out you wouldn't even know that someone had scammed you.

2810HST
 
   / One way to have your eBay account Hijacked. #5  
Not tonight, but I did fill out one of the login pages once, used a few words I couldn't use here. Muhammad would ban me /forums/images/graemlins/grin.gif
 
   / One way to have your eBay account Hijacked. #6  
I get that crap on a almost daily basis. I normally give them Junkmans eBay name and password. /forums/images/graemlins/wink.gif
 
   / One way to have your eBay account Hijacked.
  • Thread Starter
#7  
They will have a hard time telling the real Junkman from the imposter.....

Mike...... did you get my Bunny picture?????
 

Attachments

  • 389675-2464_1.gif
    389675-2464_1.gif
    30.9 KB · Views: 100
   / One way to have your eBay account Hijacked. #8  
Yep, all standard scam stuff I used to get on a regular basis.

One that got my attention was a bid confirmation with a handy link to login and verify it. Thought maybe the wife bid on something then looked at the item and price....Rut ro Raggy! Went direclty to Ebay and searched by the item number, yep its real. Then looked at my bid status....nothing.
Friggen scammers.

Trouble is they look real and intelligent, but not computer savvy, peeps fall for it way to much. Always go straight to Ebay yourself and don't use a link sent in an email.

Also the link may have a valid "link text" to it like the one below but you can assign it a different name or IP address. This can be verified by holding your mouse over the link and looking at the text on the bottom of the browser window. Some are more blatent than others. See how this is different?

The "link text" below is valid meaning if you just copied the text and pasted it into yoiur browser it would take you to Ebay. But if you click on it... it takes you some place dark and evil /forums/images/graemlins/shocked.gif
Btw...don't click on this, you'll just get an error page. Its' just an example.
http://cgi1.ebay.com/aw-cgi/ebayISAPI.dll?
 
   / One way to have your eBay account Hijacked. #9  
Not related to EBay, but the latest scam I've been getting is Email from my Email provider saying I'm going to be disconnected if I don't check out whatever it is they have attached to the message.

The hilarious thing is, the email server they are talking about is part of one of my web sites -- I'm the administrator and the only person who receives email through that account. If the message was legitimate, I'd be sending it to myself.

Norton catches the messages -- the attachment contains a virus.

But, it's very official looking, and I bet a lot of people with generic email addresses fall for it. The messages are shown as from "support@account.com". The English was pretty bad in the first 4 or 5 I received, but it has been improving in the later ones. I've been getting a couple of them a day for the past week or so.
 
   / One way to have your eBay account Hijacked. #10  
Hi Don. I got this message last night in my email box. I'm sorry to have to say goodbye to you guys, but I'm gonna contact my new "bizzniz" partner, Mark Collin and get rich. /forums/images/graemlins/shocked.gif /forums/images/graemlins/laugh.gif

Here's the lure. It's proof that everything funny ain't from Leno or Letterman. /forums/images/graemlins/grin.gif
----------------------
Hello Jim Inman
THis letter might come as a surprise you,espacilly since we have never met or discussed before.I know this story might sound strange to you,but it is factual in reality if only you care to know should have notified you first through a more confidencial means,at least to respect your integrity.Please accept my humble apologies if i had caught you unaware, I frankly do not mean any harm or to embarass you.only want to know if you can co-operate with me to execute this deal that is laying stagnant in the vault of this company.

I am Mr.Mark Collin,Assistant Director of Delivery/Operations,Guinea coast security and finance Company here in Senegal West Africa.Our firm is a Security Company of high repute with years of outstanding services to the people of Africa especially top government officials and military leaders here in Africa.

I have resolved to contact you through this medium based on business proposal that will be of mutual benefit to both of us.I have not discussed this transaction with anybody because it is of top secret.To be explicit and straight to the point, sometime early 2001 a reputable client of ours deposited a consignment in our company's vault for safekeeping and since then our client has failed to come forward to claim his consignment,which has accumulated a considerable amount of money in demurrage.

Consequently,in our bid to contact this client to redeem the demurrage which his consignment had accumulated we discovered that our client was the former chief Rabel Leader of the Federal Republic of
Sierra Leone,who died of illness after he was captured
by (ECOMUG SOLDIERS), in the same year the consignment
was entrusted into our care. Since the death of our
client Mr.Sekuo Seseko,none of his benefactors has
come forward to claim the consignment with us,which
means that none of his relative or aids had any knowledge of this consignment.

Out of curiosity I decided to secretly open the two boxes that our client deposited in our vault and to my surprise I discovered that the two boxes that were registered as treasure by our client actually contained a considerable amount of money in United State Dollars amounting to about eighteen millon five hundred thousand dollars since this development I have been nursing plans secretly. I also found out from enquiries and foreign medias that our late client siphoned a lot of money from his country while he was incharge as Rabel Leader through DIAMOND SALES.

It is my conviction that the consignment in our vault was part of the money in our care.I am now soliciting your noble co-operations to assist me in moving this boxes out to our affiliates in Europe which is where through my arrangement it can be retrieved for investment with your assistance.Being a Director of Delivery and Operations I do not fully have unlimited powers to take away these boxes hence,I had to seek for a reputable reliable business inclined third party.

Please if you are interested contact me for more directives.thank you and may God help us.
Yours faithfully,
Mr Mark Collin
 
You must log in or register to reply here.
 

Footer Links 1

Top