In a previous tutorial (Citibank Phisher Scheme) I talked about spoof emails and phisher schemes and what you could do to avoid them. This morning (March 12, 2005) I fell for an eBay-related phisher scheme. As you can probably imagine, I started to panic the minute I realized what I had done.

In this tutorial I’ll show you what you can do if you find yourself in the same predicament.

The first rule when checking email is (or should be): be suspicious. I have been doing a lot of selling on eBay recently and have been receiving a number of emails related to the auctions that I have been placing. I guess that’s why I fell for this scam. In retrospect, there were a number of red flags that should have been raised as I went through this encounter (which lasted all of 5 minutes).

Here is the email that I received at 7:41 and 8:32 am on March 12, 2005 and below is the text of that email.

Dear easyauctions-wv,

During our regularly scheduled account maintenance and verification procedures, we have detected a slight error in your billing information.

This might be due to either of the following reasons:

  1. A recent change in your personal information ( i.e. change of address).
  2. Submitting invalid information during the initial sign up process.
  3. An inability to accurately verify your selected option of payment due to an internal error within our processors.

Please update and verify your information by clicking the link below:

https://arribada.ebay.com/saw-cgi/eBayISAPI.dll?PlaceCCInfo

If your account information is not updated within 48 hours then your ability to sell or bid on eBay will become restricted.

Thank you

The eBay Billing Department .

Copyright © 1995-2005 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy.

I made every rookie mistake during this entire transaction. I ignored the fact that I received two of the same message. I missed the fact that when clicking on the address in the email it took me to a completely different address. I neglected to verify that I was on a secure site. I forgot that eBay sends messages via your online account. I ignored the fact that my browser, which normally auto fills my user name, didn’t.
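Two of the red flags above, a link whose visible address differs from where it really goes and a destination that is not a secure page, can be checked mechanically before clicking. The following is an added example, not part of the original tutorial; the HTML sample and the `login.example.invalid` destination are constructed placeholders, since the real spoof address is not recorded here.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML email."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(text):
    """Return the lower-cased hostname if text looks like a URL, else None."""
    t = text.strip()
    if t.lower().startswith("www."):
        t = "http://" + t
    return ((urlsplit(t).hostname or "").lower() or None) if "://" in t else None

def check_links(html):
    """Return [(href, [reasons])] for links showing the red flags in the text."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        real, shown, reasons = host_of(href), host_of(text), []
        if shown and real and shown != real:
            reasons.append(f"text shows {shown} but link opens {real}")
        if urlsplit(href).scheme.lower() == "http":
            reasons.append("destination is not a secure (https) page")
        if reasons:
            findings.append((href, reasons))
    return findings

# Constructed sample: link text from the email above, placeholder destination.
SAMPLE = """<a href="http://login.example.invalid/update">
https://arribada.ebay.com/saw-cgi/eBayISAPI.dll?PlaceCCInfo</a>
<a href="https://www.ebay.com/">www.ebay.com</a>"""

if __name__ == "__main__":
    for href, reasons in check_links(SAMPLE):
        print(href, "->", "; ".join(reasons))
```

A link whose text is plain wording rather than an address produces no mismatch finding, so this check complements, rather than replaces, looking at the address bar after the page loads.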

With all of those red flags raised, I should have recognized the fact that this was a scam! But, I didn’t and here we are. So, what did I do (what can you do) in the minutes after falling for this scam? I’ll show you the steps I took to (hopefully) protect my account from any security breach that I may have caused.

Use my mistake and learn from it.

8:30am - Logged on to computer. Checked email, read message from “Service@ebay.com”.
8:31am - Clicked on link to update and verify information. Typed in user name and password. Password was not accepted (Invalid).
View spoof site [image].
8:31:45am - Sinking feeling in stomach. Realization that I had just entered my user name and password on a spoof site.
8:32am - Went to eBay account, logged in, changed password.
8:33am - Called Dad to warn him about Spoof email.
8:40am - Searched eBay help guide for information on securing account. Found: Securing Your Account and Reporting Account Theft
8:42am - Took the following steps to secure the account:

  • Requested a new eBay password.
  • Reviewed contact information within my eBay account to verify that it had not changed.
  • Changed the secret question and answer on my eBay account.
  • Searched my account for active bids or listings that were unauthorized.
  • Reported spoof email to eBay [spoof@ebay.com].
  • Changed password on PayPal account (just to be sure).

eBay got back to me quickly regarding the spoof email and verified that it was not sent by them, confirming my colossal blunder.

By about 9am I started to feel better that everything was going to be okay. I believe I caught the problem quickly enough. By responding to the email in the first place I’ve probably opened myself up to getting more and more spoof emails like this one.

For more information on how to protect yourself visit the following links, and keep your skeptic’s hat on.

  • eBay.com: Email and Websites Impersonating eBay
  • eBay.com: Suggestions for Minimizing Unwanted Email
  • eBay.com: How to Spot Spoof (Fake) Emails (Tutorial)
