[personal profile] which_chick
OMG, best phishing attempt 3V4R!!!



This hit my inbox today:

Dear eBay Member:

Due to recent account takeovers and unauthorized listings, EBay is introducing a new account verification method. From time to time Randomly selected accounts (seller and/or buyer) Are subjected to an advanced verification process Based on our merchant accounts/bank relations and customer's credit card.

EBay may also request in an email message scanned/faxed copies of one or more photo ID's. Your account confirmation may go wrong if your credit card/bank account is expired Or if you have changed your credit card number Billing address etc. without notifying us about the change.

Subject of this verification process are also the accounts that have unpaid dues to eBay. Your account is not suspended But if in 48 hours after you receive this message your account is not confirmed We reserve the right to suspend your eBay registration.

If you received this notice and you are not the authorized account holder Please be aware that it is in violation of eBay policy to represent oneself as another eBay user.

Such action may also be in violation of local, national And/or international law. EBay is committed to assist law enforcement with any inquires related to attempts To misappropriate personal information with the intent to commit fraud or theft.

Information will be provided at the request of law enforcement agencies To ensure that perpetrators are prosecuted to the full extent of the law.

Note: If this is the second time you receive this notice it might be because you have made a mistake when you entered your details or that the account was not updated at all.


To confirm your identity with us click here:

http://www.ebaylive2005.com

We apologize in advance for any inconvenience this may cause you and we would like to thank you for your cooperation as we review this matter.


Respectfully,
Trust and Safety Department
eBay Inc.


Now, this is a criminal mind phishing for identity-theft materials. It is. How do I know?

1. eBay doesn't ask for personal information like that. Ever. They say so multiple places on their web site.

2. The link for "www.ebaylive2005.com" actually goes to http://www.co-op.or.kr/acounts/memb/avncenter/dll87443/.BayISAPI.dll/.... I'm pretty sure that eBay doesn't host its stuff on websites in Korea.

3. Whois information on the domain name ebaylive2005 lists the registrant as
Deborah Denen
665 North 57th Avenue
Omaha NE 68132

I imagine that Deborah Denen will be pretty surprised to realize that she registered a domain name on 6-20-2005 that's being used in a noteworthy phishing attempt. Probably she's too busy cleaning up the mess that's being made of her credit history at this very moment to appreciate the slickness of this phish, but that's not our problem.

Note, for the record, that the ACTUAL eBay domain name is registered to:

eBay, Inc.
2005 E. Hamilton Ave., Ste. 350
2125 Hamilton Ave
San Jose, CA 95125

4. The email does not follow standard capitalization rules. It looks like the author capitalized the first word in each phrase or something. Official communiques I've gotten from eBay have all been correctly punctuated and spelled.

Okay. So it's a phish. What makes it a GOOD phish?

It sounds plausible, at least at first. Citing recent account takeovers and unauthorized listings is a good way to start. Many people, particularly the exceedingly trusting, know that one's eBay account data can be stolen and consider this a pretty significant problem. The line about "an email message scanned/faxed copies of one or more photo ID's" should raise red flags all over the place, but you're given a set-up sop on this because it's a part of the new account verification method, see. If you're willing to buy into the "new account verification method", you're probably not smart enough to realize that a couple of minutes with Photoshop could put whatever numbers you wanted on a scanned image of an ID.

Big false step, at least to me, was the line "Subject of this verification process are also the accounts that have unpaid dues to eBay." Dues to eBay? Whiskey Tango fucking Foxtrot on that one, baybee. Dues to eBay? News to me. Greedy fucking criminals, aren't they?

They've also wrapped themselves in eBay's disclaimers about laws and such. Sheep's clothing, oh yes.

You know, in the face of inbox overphishing, reading for meaning is a lot more important than most middle-schoolers probably think it is. I think perhaps the ability to tell phish from friend is one of the more USEFUL applications of reading for meaning that normal humans can do these days. They should teach this in school.
Page generated Dec. 30th, 2025 02:11 am