Become an eBay Power Seller
You have added a new credit card home address!
Account Access Limited!
When you open them up, they look official (some more than others) and they will ask you to click on a link to verify your information for “your safety”. Let me assure you folks, clicking on those links will NOT be a good thing for you.
These types of emails are known as “phishing“. Wikipedia.org defines phishing as “In computing, phishing is the act of attempting to fraudulently acquire through deception sensitive personal information such as passwords and credit card details by masquerading in an official-looking email, IM, etc. as someone trustworthy with a real need for such information.”
Boiled down, this means these are bad people trying to get your informtion from you. The best idea is, if you get an email saying something is wrong with your account, go to the site on your own, NOT through a link in the email. See if there are any messages waiting for you when you log in. Again though, do NOT click on the links in the message.
Now, if you get one of these, you should forward them to the companies they are spoofing. The email addresses for forwarding them in the cases of Ebay and Pay Pal are firstname.lastname@example.org and email@example.com. When you do this though, you need to include in the body the “headers” from the email you recieved. Headers look like this:
Received: from smtp107.mail.sc5.yahoo.com (smtp107.mail.sc5.yahoo.com [188.8.131.52]) by rly-xg03.mx.aol.com (vx) with ESMTP id MAILRELAYINXG38-45e428c07ed204; Wed, 18 May 2005 23:28:45 -0400
Received: from unknown (HELO User) (firstname.lastname@example.org with login)
by smtp107.mail.sc5.yahoo.com with SMTP; 19 May 2005 03:28:38 -0000
Date: Thu, 19 May 2005 05:28:34 +0200
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
I know, it looks like gibberish, but it tells the security teams alot about where the email came from. (And btw, this came from a spoof I recieved, so I could care less who see’s all the info!)
Also keep in mind, spoofs can come in many forms, I even get tham about my bank account…at banks I have never dealt with.
So, long story short, never click on a link in any email unless it is a very trusted friend, even then, make sure they really sent it.