I got this email purporting to come from eBay inviting me to become a
"Titanium Power Seller". I'll Forward it as the first reply to this. They
almost had me, had they not used the wrong font on their fake signing in
page. When I noticed that I realised that the address looked dodgy too.
"Synapse Syndrome" <synapse@NOSPAMgomez404.elitemail.org> wrote in message
news:dcr3vl$4k4$1@nwrdmz03.dmz.ncs.ea.ibs-infra.bt.com...
> I got this email purporting to come from eBay inviting me to become a
> "Titanium Power Seller". I'll Forward it as the first reply to this.
> They almost had me, had they not used the wrong font on their fake signing
> in page. When I noticed that I realised that the address looked dodgy
> too.
Among numerous other things, the little gold "lock" that appears on your
toolbar when you visit secure sites *WON'T* appear in these phishing
email sites. Also, run a "WHOIS" on the actual URL that appears in your
URL "address" bar (if you are using ver 6.0 of IE, or Firefox or
Netscape.) It will not be eBay's URL (66.135.192.87, etc.) If it's not
66.135.xxx.xxx, then it's not eBay.
"ric" <nospam@home.com> wrote in message
news:s%8Ie.168478$go.94843@fed1read05...
> "Synapse Syndrome" <synapse@NOSPAMgomez404.elitemail.org> wrote in message
> news:dcr3vl$4k4$1@nwrdmz03.dmz.ncs.ea.ibs-infra.bt.com...
>
>> I got this email purporting to come from eBay inviting me to become a
>> "Titanium Power Seller". I'll Forward it as the first reply to this.
>> They almost had me, had they not used the wrong font on their fake
>> signing in page. When I noticed that I realised that the address looked
>> dodgy too.
>
> Among numerous other things, the little gold "lock" that appears on your
> toolbar when you visit secure sites *WON'T* appear in these phishing
> email sites. Also, run a "WHOIS" on the actual URL that appears in your
> URL "address" bar (if you are using ver 6.0 of IE, or Firefox or
> Netscape.) It will not be eBay's URL (66.135.192.87, etc.) If it's not
> 66.135.xxx.xxx, then it's not eBay.
>
>
Yeah, I did a WHOIS and it comes from Taiwan.
I forgot to say that I sent it to these groups because I'm pretty sure that
my email address was found in one of these groups, as it my usenet address
which gets forwarded to my main account.
Please explain what a "WHOIS" is about and how it is done. Thank you.
"ric" <nospam@home.com> wrote in message
news:s%8Ie.168478$go.94843@fed1read05...
> "Synapse Syndrome" <synapse@NOSPAMgomez404.elitemail.org> wrote in message
> news:dcr3vl$4k4$1@nwrdmz03.dmz.ncs.ea.ibs-infra.bt.com...
>
>> I got this email purporting to come from eBay inviting me to become a
>> "Titanium Power Seller". I'll Forward it as the first reply to this.
>> They almost had me, had they not used the wrong font on their fake
>> signing in page. When I noticed that I realised that the address looked
>> dodgy too.
>
> Among numerous other things, the little gold "lock" that appears on your
> toolbar when you visit secure sites *WON'T* appear in these phishing
> email sites. Also, run a "WHOIS" on the actual URL that appears in your
> URL "address" bar (if you are using ver 6.0 of IE, or Firefox or
> Netscape.) It will not be eBay's URL (66.135.192.87, etc.) If it's not
> 66.135.xxx.xxx, then it's not eBay.
>
>
In message <s%8Ie.168478$go.94843@fed1read05> "ric" <nospam@home.com>
wrote:
>"Synapse Syndrome" <synapse@NOSPAMgomez404.elitemail.org> wrote in message
>news:dcr3vl$4k4$1@nwrdmz03.dmz.ncs.ea.ibs-infra.bt.com...
>
>> I got this email purporting to come from eBay inviting me to become a
>> "Titanium Power Seller". I'll Forward it as the first reply to this.
>> They almost had me, had they not used the wrong font on their fake signing
>> in page. When I noticed that I realised that the address looked dodgy
>> too.
>
>Among numerous other things, the little gold "lock" that appears on your
>toolbar when you visit secure sites *WON'T* appear in these phishing
>email sites. Also, run a "WHOIS" on the actual URL that appears in your
>URL "address" bar (if you are using ver 6.0 of IE, or Firefox or
>Netscape.) It will not be eBay's URL (66.135.192.87, etc.) If it's not
>66.135.xxx.xxx, then it's not eBay.
>
Actually it's fairly trivial for a phisher to use SSL (the little gold
lock), this should not be trusted as an indicator of whether or not
you're on a phishing site or a real one.
--
Failure is not an option. It's bundled with your software.
"Synapse Syndrome" <synapse@NOSPAMgomez404.elitemail.org> wrote in message
news:dcr3vl$4k4$1@nwrdmz03.dmz.ncs.ea.ibs-infra.bt.com...
>
> I got this email purporting to come from eBay inviting me to become a
> "Titanium Power Seller". I'll Forward it as the first reply to this.
> They almost had me, had they not used the wrong font on their fake signing
> in page. When I noticed that I realised that the address looked dodgy
> too.
I've had only one ebay scam sent to me before. It was quite obvious it was a
fake just from the poor english but just looked wrong in general. They can't
be too bright, although maybe they don't need to be.
"DevilsPGD" <spamsucks@crazyhat.net> wrote in message
news:bv82f1hkt55k7192sh9upke27tpada1bmf@4ax.com...
> Actually it's fairly trivial for a phisher to use SSL (the little gold
> lock), this should not be trusted as an indicator of whether or not
> you're on a phishing site or a real one.
I've yet to get a phishing email from someone using a verified
secure site.
In message <INhIe.168556$go.112203@fed1read05> "ric" <nospam@home.com>
wrote:
>"DevilsPGD" <spamsucks@crazyhat.net> wrote in message
>news:bv82f1hkt55k7192sh9upke27tpada1bmf@4ax.com.. .
>
>> Actually it's fairly trivial for a phisher to use SSL (the little gold
>> lock), this should not be trusted as an indicator of whether or not
>> you're on a phishing site or a real one.
>
>I've yet to get a phishing email from someone using a verified
>secure site.
>
Only because phishers are lazy. They're trivially easy to set up
though.
--
If I were still loyal to the Goa'uld, you would know it.
It would be immediately apparent as I would not hesitate to kill you where you sit.
-- Teal'c
DevilsPGD wrote:
> In message <INhIe.168556$go.112203@fed1read05> "ric" <nospam@home.com>
> wrote:
>
>
>>"DevilsPGD" <spamsucks@crazyhat.net> wrote in message
>>news:bv82f1hkt55k7192sh9upke27tpada1bmf@4ax.com. ..
>>
>>
>>>Actually it's fairly trivial for a phisher to use SSL (the little gold
>>>lock), this should not be trusted as an indicator of whether or not
>>>you're on a phishing site or a real one.
>>
>>I've yet to get a phishing email from someone using a verified
>>secure site.
>>
>
>
> Only because phishers are lazy. They're trivially easy to set up
> though.
>
Don't you need a certificate from Verisign or Twaite or something?
Michael C wrote:
> I've had only one ebay scam sent to me before. It was quite obvious it was a
> fake just from the poor english but just looked wrong in general. They can't
> be too bright, although maybe they don't need to be.
There's a lot more people a lot less bright out there, you only have to
be smarter than the person you're trying to outwit. I get loads of egay
emails, the first thing I do is look at the address it was sent to,
haven't yet had one sent to the address I signed up to ebay with (mind
ewe, I haven't bought or sold anything on there yet).
Trevor Best wrote:
> Michael C wrote:
> > I've had only one ebay scam sent to me before. It was quite obvious it was a
> > fake just from the poor english but just looked wrong in general. They can't
> > be too bright, although maybe they don't need to be.
>
> There's a lot more people a lot less bright out there, you only have to
> be smarter than the person you're trying to outwit. I get loads of egay
> emails, the first thing I do is look at the address it was sent to,
> haven't yet had one sent to the address I signed up to ebay with (mind
> ewe, I haven't bought or sold anything on there yet).
>
Also if they don't use your name.
The address it is sent to is a dead giveaway, anything like that I get
to my NG posting address is binned.
The Ebay Toolbar will also warn you if you go to a site that isn't one
of their's but looks like it.
seful for people who ebay a lot. Auction ending alerts etc
Damon
In article <42f1c361$0$306$da0feed9@news.zen.co.uk>, Trevor Best
<nospam@besty.org.uk> writes
>There's a lot more people a lot less bright out there, you only have to
>be smarter than the person you're trying to outwit. I get loads of egay
>emails, the first thing I do is look at the address it was sent to,
>haven't yet had one sent to the address I signed up to ebay with (mind
>ewe, I haven't bought or sold anything on there yet).
It's a lot more simple than that, anything that requests me to confirm
my details is deleted straight away.
Mike
--
Michael Swift We do not regard Englishmen as foreigners.
Kirkheaton We look on them only as rather mad Norwegians.
Yorkshire Halvard Lange
It's a scam. Never click on a link to eBay from your e-mail even those which come from eBay. Doing so is a recipe for disaster.
--
George Hester
_______________________________
"Synapse Syndrome" <synapse@NOSPAMgomez404.elitemail.org> wrote in message news:dcr3vl$4k4$1@nwrdmz03.dmz.ncs.ea.ibs-infra.bt.com...
>
> I got this email purporting to come from eBay inviting me to become a
> "Titanium Power Seller". I'll Forward it as the first reply to this. They
> almost had me, had they not used the wrong font on their fake signing in
> page. When I noticed that I realised that the address looked dodgy too.
>
> ss.
>
>
"Michael Swift" <mike.swift@yeton.co.uk> wrote in message
news:D8IAbKAl0e8CFwxP@ntlworld.com...
> It's a lot more simple than that, anything that requests me to confirm
> my details is deleted straight away.
But plenty of genuine emails come in from ebay that require you to sign in.
Maybe the signin screen isn't the first one you see but it's always just 1
click away. It would be pretty easy to fool a lot of people with this.
In article <42f6f4ff$0$18639$14726298@news.sunsite.dk>, Michael C
<me@nospam.com> writes
>> It's a lot more simple than that, anything that requests me to confirm
>> my details is deleted straight away.
>
>But plenty of genuine emails come in from ebay that require you to sign
>in. Maybe the signin screen isn't the first one you see but it's always
>just 1 click away. It would be pretty easy to fool a lot of people with
>this.
Anything from ebay I've had has been relevant to a purchase so contained
details I would not expect a con merchant to know.
You would have to be a bit thick to receive an e-mail saying your
account has been used illegally and could you please confirm your
passwords and Visa details, and yes I know such people do exist.
Mike
--
Michael Swift We do not regard Englishmen as foreigners.
Kirkheaton We look on them only as rather mad Norwegians.
Yorkshire Halvard Lange
On Mon, 08 Aug 2005 16:24:56 GMT, Michael Swift
<mike.swift@yeton.co.uk> wrote:
>In article <42f6f4ff$0$18639$14726298@news.sunsite.dk>, Michael C
><me@nospam.com> writes
>>> It's a lot more simple than that, anything that requests me to confirm
>>> my details is deleted straight away.
>>
>>But plenty of genuine emails come in from ebay that require you to sign
>>in. Maybe the signin screen isn't the first one you see but it's always
>>just 1 click away. It would be pretty easy to fool a lot of people with
>>this.
>
>Anything from ebay I've had has been relevant to a purchase so contained
>details I would not expect a con merchant to know.
>
>You would have to be a bit thick to receive an e-mail saying your
>account has been used illegally and could you please confirm your
>passwords and Visa details, and yes I know such people do exist.
>
Agreed, I don't recall anything ever received from ebay that
required clicking-through any email links though it is a
good point you made about currrent aution status updates.
One can go to ebay through main 'site URL and log into their
account if/when necessary.
On Mon, 08 Aug 2005 18:22:14 GMT, kony <spam@spam.com> wrote:
>On Mon, 08 Aug 2005 16:24:56 GMT, Michael Swift
><mike.swift@yeton.co.uk> wrote:
>
>>In article <42f6f4ff$0$18639$14726298@news.sunsite.dk>, Michael C
>><me@nospam.com> writes
>>>> It's a lot more simple than that, anything that requests me to confirm
>>>> my details is deleted straight away.
>>>
>>>But plenty of genuine emails come in from ebay that require you to sign
>>>in. Maybe the signin screen isn't the first one you see but it's always
>>>just 1 click away. It would be pretty easy to fool a lot of people with
>>>this.
>>
>>Anything from ebay I've had has been relevant to a purchase so contained
>>details I would not expect a con merchant to know.
>>
>>You would have to be a bit thick to receive an e-mail saying your
>>account has been used illegally and could you please confirm your
>>passwords and Visa details, and yes I know such people do exist.
>>
>
>
>Agreed, I don't recall anything ever received from ebay that
>required clicking-through any email links though it is a
>good point you made about currrent aution status updates.
>One can go to ebay through main 'site URL and log into their
>account if/when necessary.
Rather than just deleting it, why not help ebay(and paypal) fight
phishing by forwarding it to spoof@ebay.com or spoof@paypal.com ...and
then delete it!
In article <eghff1hecp1bkj6mbvq2iabd6jsqdig3ne@4ax.com>, NoSpam@nowhere.com writes
>Rather than just deleting it, why not help ebay(and paypal) fight
>phishing by forwarding it to spoof@ebay.com or spoof@paypal.com ...and
>then delete it!
Do they actually do anything about it?, I've sent similar e-mails
complete with headers to my bank and they didn't even bother to send an
automated reply.
Mike
--
Michael Swift We do not regard Englishmen as foreigners.
Kirkheaton We look on them only as rather mad Norwegians.
Yorkshire Halvard Lange
In message <VMjgLKAns89CFwZp@ntlworld.com> Michael Swift
<mike.swift@yeton.co.uk> wrote:
>In article <eghff1hecp1bkj6mbvq2iabd6jsqdig3ne@4ax.com>,
>NoSpam@nowhere.com writes
>>Rather than just deleting it, why not help ebay(and paypal) fight
>>phishing by forwarding it to spoof@ebay.com or spoof@paypal.com ...and
>>then delete it!
>
>Do they actually do anything about it?, I've sent similar e-mails
>complete with headers to my bank and they didn't even bother to send an
>automated reply.
Generally the reports are aggregated and used when lawsuits are being
considered.
--
The preceding post may have contained unsuitable materials
and should not have been read by small children.
Michael Swift wrote:
> NoSpam@nowhere.com writes
>
>> Rather than just deleting it, why not help ebay(and paypal) fight
>> phishing by forwarding it to spoof@ebay.com or spoof@paypal.com
>> ...and then delete it!
>
> Do they actually do anything about it?, I've sent similar e-mails
> complete with headers to my bank and they didn't even bother to
> send an automated reply.
ebay and paypal normally respond with confirmation that the 'thing'
did not originate from them. However, if you don't include full
headers when forwarding, it is rather useless to them.
--
Chuck F (cbfalconer@yahoo.com) (cbfalconer@worldnet.att.net)
Available for consulting/temporary embedded and systems.
<http://cbfalconer.home.att.net> USE worldnet address!
They do. It normally takes about 24 hrs to remove the site but that depends on how well it is done. For example those that put the gif over the address bar are gone almost as soon as you tell them. Those that don't take up to 24 hrs. Trouble is many are in South East Asia where they use the language barrier to ignore the report. As for Banks. I don't know what it is with them. I receive auto repliers 4 months after I send them the phishing report. So I don't do it anymore.
--
George Hester
_______________________________
"Michael Swift" <mike.swift@yeton.co.uk> wrote in message news:VMjgLKAns89CFwZp@ntlworld.com...
> In article <eghff1hecp1bkj6mbvq2iabd6jsqdig3ne@4ax.com>,
> NoSpam@nowhere.com writes
> >Rather than just deleting it, why not help ebay(and paypal) fight
> >phishing by forwarding it to spoof@ebay.com or spoof@paypal.com ....and
> >then delete it!
>
> Do they actually do anything about it?, I've sent similar e-mails
> complete with headers to my bank and they didn't even bother to send an
> automated reply.
>
> Mike
>
> --
> Michael Swift We do not regard Englishmen as foreigners.
> Kirkheaton We look on them only as rather mad Norwegians.
> Yorkshire Halvard Lange
Not really. All they are concerned about is the link in the phish. They do not have the resources to go after the e-mail server but they do have the resources to go after the Web Hoster. Which is what they do. The e-mail headers are unnecessary for that. In fact that is what I do. I figure out who is hosting the phish then if they have a 1-800 number I call them. Kilt a few that way.
--
George Hester
_______________________________
"CBFalconer" <cbfalconer@yahoo.com> wrote in message news:42F7EBEE.3AE1056F@yahoo.com...
> Michael Swift wrote:
> > NoSpam@nowhere.com writes
> >
> >> Rather than just deleting it, why not help ebay(and paypal) fight
> >> phishing by forwarding it to spoof@ebay.com or spoof@paypal.com
> >> ...and then delete it!
> >
> > Do they actually do anything about it?, I've sent similar e-mails
> > complete with headers to my bank and they didn't even bother to
> > send an automated reply.
>
> ebay and paypal normally respond with confirmation that the 'thing'
> did not originate from them. However, if you don't include full
> headers when forwarding, it is rather useless to them.
>
> --
> Chuck F (cbfalconer@yahoo.com) (cbfalconer@worldnet.att.net)
> Available for consulting/temporary embedded and systems.
> <http://cbfalconer.home.att.net> USE worldnet address!
>
>
In message <sI$uKJAXV49CFw+g@ntlworld.com>, Michael Swift
<mike.swift@yeton.co.uk> writes
>You would have to be a bit thick to receive an e-mail saying your
>account has been used illegally and could you please confirm your
>passwords and Visa details,
I keep getting these and I have never had anything to do with ebay.
Naturally I give them all my details, J. Smith
Buckingham Palace
The Mall
London.
But they still come.
"Michael Swift" <mike.swift@yeton.co.uk> wrote in message
news:sI$uKJAXV49CFw+g@ntlworld.com...
> Anything from ebay I've had has been relevant to a purchase so contained
> details I would not expect a con merchant to know.
It wouldn't be too hard for them to gain some information and post a
reasonably authentic looking message. All I'm saying is the ones I've
received have been extrememly unprofessional and very obvious and it
wouldn't bee too difficult to create something that looked a bit more
authentic that trapped a lot more people.
In article <42f993fa$0$18646$14726298@news.sunsite.dk>, Michael C
<me@nospam.com> writes
>> Anything from ebay I've had has been relevant to a purchase so contained
>> details I would not expect a con merchant to know.
>
>It wouldn't be too hard for them to gain some information and post a
>reasonably authentic looking message. All I'm saying is the ones I've
>received have been extrememly unprofessional and very obvious and it
>wouldn't bee too difficult to create something that looked a bit more
>authentic that trapped a lot more people.
Fair comment, but then I'm super cynical.
Mike
--
Michael Swift We do not regard Englishmen as foreigners.
Kirkheaton We look on them only as rather mad Norwegians.
Yorkshire Halvard Lange
"Michael Swift" <mike.swift@yeton.co.uk> wrote in message
news:ky9Mk1ARSi+CFwkD@ntlworld.com...
>>It wouldn't be too hard for them to gain some information and post a
>>reasonably authentic looking message. All I'm saying is the ones I've
>>received have been extrememly unprofessional and very obvious and it
>>wouldn't bee too difficult to create something that looked a bit more
>>authentic that trapped a lot more people.
>
> Fair comment, but then I'm super cynical.
I just got a PayPal phishing email. I clicked on that URL, and opened
up the real PayPal site in another window. The two were quite the
same, except:
1) The authentic site had the gold lock in the toolbar *with*
authentication.
2) The phishing site had a *long* URL, with a foreign source.
3) The authentic site was copyright 2005, the fake site 2004.
4) The fake sight was missing some of the antifraud links that were
present on the authentic site.
5) Slight font differences.
Fake eBay Powerseller scheme 
Linear Mode
