Pretty clever eBay fraud?
 

I'm not a huge eBay user, but do a bit.

This may be common knowledge, but I'm not sure I've heard of it and it hasn't happened to me before.

I got the following email:

http://forums.pelicanparts.com/uploa...1130783969.jpg

Now, like I said, I don't do a ton of ebay, so I'd recognize all of the names of the people I've sent to in the past 6 months.

I am also super-cautious and ONLY will send items out by trackable mail. I send quickly and always send an e-mail to the buyer giving him the tracking number that day. I also often take a picture of the package in the hands of the USPS worker! I never want to be blamed for not shipping.

So when I got the e-mail, it seemed suspicious. The message "I'm still waiting the package to arrive. What happened? Please mailme ASAP or I will report you to ebay." seemed suspicious. Too vague, didn't specify the item, and seemed a bit too threatening (although to their credit, it is relatively typo free and not written in the typical "I have not prcoured the parcelpost which I was to receive, dutifully yours, etc." Nigerian fraud style).

And I didn't recognize the name.

I looked up the supposed sender, "rivernick," that seemed suspicious, too. Registered years ago, with only a couple of transactions, none recent. I.e., a seemingly dormant account.

If you can read my "screen shot," it says that you can't respond directly to the e-mail, you have to go through ebay by clicking on the button. ("eBay sent this message on behalf of an eBay member via My Messages. Responses sent using email will not reach the eBay member. Use the Respond Now button below to respond to this message.")

When you click on the button, you get sent to a site that looks like the ebay login site. Except if you see the title of the site, it has the word "redirect" in it. That doesn't seem right.

And normally when I log onto eBay from my computer, I don't have to type in that info (cookies remembers it??).

I assume that if you type your info in, they now have your name and login, and can run all kinds of fake auctions.

I wonder how eBay is going to do in the long term. It seems like it will eventually collapse under the weight of fraud. I'd imagine that many, if not most, people would fall for the scheme like this one. For instance, I know my mother or father would, if they used eBay, and they are reasonably smart, careful people.

I bet there is a ton of ebay fraud that happens that ebay makes a big effort to keep quiet.

Report this to ebay. just forward the whole email to them and they will chase it. DO NOT ENTER ANY INFO. After you send it to ebay. DELETE THE MESSAGE THEN DELETE IT FROM YOUR TRASH.

I too wonder about how much ebay fraud is out there, but I'm sure they have a signfigicant number of people working on... ...keeping it quiet.

More about URL redirect URLs
http://news.netcraft.com/archives/2005/05/12/antifraud_open_redirect_detection_service.html

I received a similar Email. However, the author demanded Paypal payment for a purchase I supossedly just made with them. It actually had me going for a bit as I just completed a few transactions. I quickly forwarded to Spoof@Ebay(or Paypal).com

The latest and greatest phishing emails are using buttons that send you to another site. Too many people are onto the fact that you can look down in the status toolbar while hovering your mouse over and HTML link, and see the bogus phish URL. Buttons hide that nicely. The only good way I have come up with to detect the phish URL without clicking through is to "view source" and find the linked URL in the source code. Not user-friendly however; I think this is probably beyond the average/casual internet user, so the scammers will likely ride this one for a while with great success..

You should put something like this in the web form:

Username: suckmy****
Password: youhavebeenreportedtotheFBI

I'll bet you money the next screen will make it look like your login was successful.