Watch it guys, another round of fake emails from eBay asking (demanding) that your credit card information be verified is on the boards again.
This email, proportedly from " snipped-for-privacy@ebay.com" is particularly nasty because it looks like an official eBay page, logos and all.
Stay away from this puppy! If you have any doubts at all, go to the official eBay website and click on "security". If you feel you need to talk to eBay, do it on the landline (telephone).
Regards,
Marv
The logos diddn't look quite right to me, but still...
I've forwarded a copy to the webspace provider.
The one I just got actually pulls the logos off eBay's web site, if you let it (I don't) and contains links to the "about" and other legitimate eBay information actually on their site. 8-(
This obfuscated line in the source:
eBay
(everyhing before the @ is ignored) leads you to port 7301 on the domain 211.51.197.233 , which I think is a probaby compromised box in South Korea. The perpetrators could be just about anywhere.
The obfuscation scheme is simple, the @ allows them to put the phony "ebay.com" at the front, and %3x is an obfuscated digit x (the ASCII code for that digit with a % sign in front, like the %20 space. Similarly, the directory on the remote machine is /%65%62%61%79.%68%74%6D or /ebay.htm
Bastards. Who do you report this to?
Best regards, Spehro Pefhany
Bastards. Who do you report this to?
"I'm not grown up enough to be so old!"
eBay
The copy I got referred to
All of which brings up a question I have been pondering.
The Govt has absolutely no authority to chase down these jerks in another country. Even if treaties allow them to do so, the jerks will just move on to a country that doesn't. The current anti-spam scheme of the government is another list of "do not spam" addresses. For the most part, isn't this just a perfect list of good e-mail addresses for offshore spammers to draw from? It seems like a give-away mailing list for them.
Koz
Spehro Pefhany wrote:
To report it to eBay, follow the instructions below (from eBay):
"Forward the entire message to snipped-for-privacy@ebay.com using the forward function of your email program. When forwarding the message, do not change the subject line, send additional text, or forward the message as an attachment. Forwarding the message in this manner will allow us to review the message headers and any other information that may be attached to the email."
Terry
eBay
Whenever I see this sort of garbage I always have to wonder what lame-brained programer decided to make the language capable of such crap. So many of the security problems are due to stupid "features" like this.
eBay
It's needed. For example it's very handy to be able to quote any web address in email or documents that may not support charachters in the URL. This was especially true in 1989, when systems were a lot less transparent to varying charachter sets, and chars could get munged by transitions between systems.
Also, remember that when the web was invented (1989), the first major spam (the green card spam) was five whole years in the future.
It was common for accounts to be deleted for posting bad language, or adverts. The commercial internet was in its very infancy, and largely dependant on interconnection with govermental networks. Abuse was taken far, far, far more seriously.
The thought of commerce, nevermind fraud on the internet was still largely years away.
Maybe the problem is best solved *without* government(s) being heavily involved. Let the police go after actual money being stolen and let's have a technical solution to the spam problem.
Best regards, Spehro Pefhany
This last restriction makes it difficult for them to receive useful reports of at least one form of this scam, which consists of a little HTML, and a .gif image of the text of the message. No attachments translates into no copy of the .gif -- thus no idea what it said.
You supposedly click on a "link" in the message. In reality, clicking anywhere in the displayed screen will do the same thing -- the whole image is sensitive, and the underlined blue text is to make you
*think* that there is a link to click on.Enjoy, DoN.
PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.