Links
Search
    Google
    Tip of the Day Blog
    The Web
« Auto-Save in Word | Main | Intro to Spyware »
Tuesday
Sep072004

More on Phishing

DateTuesday, September 7, 2004 at 09:41AM
TIP OF THE DAY

More on Phishing

I have previously written on this topic (http://totd.squarespace.com/tip-of-the-day-blog/2004/4/12/phishing.html) but it is one that continues to plague everyone.  Just yesterday, a reader sent me the following email:
Please take a look at this message.  It's riddled with bad grammer and syntax, and I've received no other emails indicating that ''I'' bid on auctions or won any auctions today.  Also, the email urges me to furnish the sender with my email account number and password.  I'll contact eBay in the a.m., but I haven.t been able to reach anyone there this evening.

Should I be suspicious of this email?

 ..... Forwarded Message .......
From:: Jennifer Burrows <jenniferb@ebay.com>
Date:: Mon, 06 Sep 2004 02:16:56 +0100
Subj:: eBay® Change your Account Password

Dear eBay Customer,

You have received this email, because we have indicate that someone
had used your eBay account more than fifteen times today from different hostnames.
Here is some of them:

c-24-14-5-174.client.comcast.net
061238117002.ctinets.com
r50h4.dixie-net.com
host81-137-246-85.in-addr.btopenworld.com
ip67-153-93-156.z93-153-67.customer.algx.net

In this way we have only to think that your account password is stolen.
We have delete your payment information (Card on File) for your security reasons.

Please follow the link below and login to our system to change your password.

If you think that is a normal for your account, please disregard this message.

Regards,
Jennifer Burrows,
eBay Inc.

This is a classic example of phishing.  NEVER follow a link from an unsolicited email  to change your user name and/or password.  The e-mail, which claims to be from a reputable source, such as your bank or credit card company, requests that you click on a link and go to their Web site to make sure that your information is correct. Once on the site, you are asked to provide personal information to verify their records. The information requested is your name, credit card number, expiration date, SSN, DOB, and so on. This technique is called Phishing because the person perpetrating the scam is throwing a line or net to see who bites. Don't fall for it.  The link will look completely legitimate, but it is not.  You will think you are on eBay's website for example, but you are really in the crook's website and they are stealing your user name and password.  Phishing is used by scammers because it works.  Be careful, or you too will be a victim.


Read the prior TOTD on Phishing for more info: http://totd.squarespace.com/tip-of-the-day-blog/2004/4/12/phishing.html
AuthorMiguel M. de la O | Comments Off |

EmailEmail Article to Friend