Current Status

This blog is not frequently updated because most case-by-case scam reports are now listed in subordinate blogs. At this point in time, most of my efforts are targeted at documenting employment scams in the Suckers Wanted blog.

2005-04-02

Phish of the Day: eBay

Received from 72.9.248.34 on Sat, 02 Apr 2005 05:10:28 +0000, one fairly ordinary eBay phish.

Dear eBay Member:

It has come to our attention that your eBay Billing Information records are out of date.
That requires you to update the Billing Information.
Failure to update your records will result in account termination.
Please update your records in maximum 24 hours.
Once you have updated your account records,
Your eBay session will not be interrupted and will continue as normal.
Failure to update will result in cancellation of service,
Terms of Service (TOS) violations or future billing problems.

Please click here to update your billing records.

The link was to http://66.49.46.170.nw.nuvox.net, which you can inspect at your own risk. When I inspected it, the page that loaded in the first instance was a fake error page ("The page you are looking for is currently unavailable"), which included a Javascript redirect to another page which contained the actual fill-out form. I didn't see anything that looked like it might try to exploit a browser security hole, but I don't know for sure, since I don't have a sacrificial Windows system on which to try it.

Posted by Spotter at 13:41

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)