Current Status

This blog is not frequently updated because most case-by-case scam reports are now listed in subordinate blogs. At this point in time, most of my efforts are targeted at documenting employment scams in the Suckers Wanted blog.


Phish of the Day: eBay, eBay, eBay

"If you choose to ignore our request, you leave us no choice but to temporarily suspend your account." Does this sound familiar? Does it smell phishy? It should: it's from one of many eBay phish I've received recently, targeted at an address harvested from Usenet. These are pretty dull in the overall scheme of things -- about like the PayPal phish that have also been in over-supply. The most interesting thing about the phish is the lure used, which is as follows.

We recently noticed one or more attempts to log in to your eBay account from a foreign IP address and we have reasons to believe that your account was used by a third party without your authorization. If you recently accessed your account while traveling, the unusual login attempts may have been initiated by you.

In most cases the recipient will not have recently accessed eBay while traveling, and may therefore be suckered into clicking on the link, which presumably takes them to a standard faked-up site where they willingly disclose sensitive data to evildoers. I say "presumably", because the one link I tried wasn't responding.

No further comment on eBay phish for now. Boring stuff.

No comments: