REPORT SUMMARY
Date Reported
23rd December 2003
Apparent Sender
eBay
Subject
NOTICE eBay
Obligatory Verifying
- Invalid
User
Information
Senders Address
(spoofed)
Ebay
Customer Support
Content
text and a
link to a fake
eBay
web page
(see images)
Spoofed Web page/site?
Yes
Web page/site
content
forged eBay web
page with web form
requiring eBay &
email user
name & password,
name & address
Bank,
Credit or Debit
Card details,
etc
Web page/site origin
URL
http://
210.96.31.150/
https/ebaySignIn/
Ebaycom/
errorphone/
index.htm
Identity Theft method
Web form information
is captured and
relayed to the
scammers using
a CGI
script
More...
Latest
phishing
scam
Another
Bank Email Scam
See our guide to
phishing scams
Other
Resources...
See our guides to
Free Utilities...
List of
Auction Sites
NOTICE eBay Obligatory Verifying - Invalid User Information - Email Phishing
Scam
23rd December 2003
Does your home phone number have an error on Ebay Inc. databases - No! Its a scam ...
This spoof email (as eBay and Paypal like to call these email scams) takes the form of a text email with a link (see images below).
The email text urges you to use the link to provide your telephone number due to an apparent error in eBay's database. This is of-course, a complete fabrication, and using the link will result in a forged eBay web form appearing in your browser.
This forged web form asks for much more than just
your telephone number (see images below) and includes all 'bells and
whistles' such as eBay's own logo's and graphics to add a sense of authenticity.
Thankfully, the link is not cloaked (see our article on link
cloaking) and will show up in the browser address bar as http://210.96.31.150/https/ebaySignIn/Ebaycom/errorphone
/ which is clearly NOT a valid eBay URL.
The first part of that URL reveals the true location of this fake eBay web page - a Korean High School ( Bobsong Commercial High School, Chonnam, Korea).
Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services...
Email
Alerts
Add your email address to our email alert service...
Subscribe
Privacy Policy
RSS
News Feed
Tap into our Scam Alert service using your News Reader or Aggregator (including
My Yahoo!).
Scam Alert News Feed
You can even put the latest alerts on your own web site.
FORWARD
YOUR EMAIL SCAMS
TO KU.OC.SELIMSRELLIM@FOOPS
and help us to
build awareness and
help others
We also found a hard coded email address (briankbond@hotmail.com)
in the page, to which the data entered into the form would be forwarded,
together with the odd message "IReallyLoveU".
If you have received this hoax email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.
Take a good look at the following images, because this hoax email scam may be coming to an inbox near you!
The Email ...
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
||
The fake eBay web form page...
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
||
