SERIOUS eBay scam

dodgechargerfan

dodgechargerfan

In a 55 gallon drum, floating down river, and
Staff member
Watch out for this one!

There are listings put up on eBay that have a flash file tagged onto the listing page. This flash file redirects your browser to another site that looks exactly like the eBay listing page... but it's not.

The case that I saw:
http://cgi.ebay.com/ebaymotors/Dodge-Charger-Hemi-1969-Dodge-Charger-R-T-Hemi-Mopar_W0QQcmdZViewItemQQcategoryZ6199QQihZ016QQitemZ260018765946QQrdZ1

redirects you to a geocities site. You can actually see it in the address bar, but the switch is not very noticeable. Most won't notice.

If you are quick enough, you can click the stop button and see the initial listing page on eBay - before it redirects you to the geocities page.

The game is to collect usernames and passwords.

If you hover over the "Ask the seller a question" link, you'll see it goes off somewhere else. I assume that's a page that looks just like the eBay page for contacting the seller, but you are asked to log in first. That's where they collect your info.

DON'T give them your info!!!!


This is a rather interesting little scam as the days of "Don't click a link in an e-mail, go directly to the website and log in" are now gone.
Since eBay may ask you to log in even after you've already done so, this little scam circumvents that safeguard rather nicely.

Always check the links you are clicking on. If you are presented with a log in page, make sure you were expecting it.
 
dang! They've yanked that one down already. I was looking at it 5 minutes ago.

Still, watch out for others.

For most of us that have spent time on eBay looking at cars, the "private bidder" listings raise red flags unless the seller is well known in the hobby. This scam uses that as part of the mechanism to get you to ask the seller a question - hence the need to log in.
 
this houshold just recieved it's first pay pal scam email. guess we're just slow.

I've seen some funky stuff on ebay and when I do I just close ALL windows. go back and try again. I've seen the redirects but haven't been asked to "log in" yet. Thanks for the heads up!
 
The rule of thumb I use when logging on to ebay or paypal. I always, purposely give the wrong password. If it doesn't kick it back, you know you've been redirected.
 
Thanks for the heads up. Sadly, there's a LOT of non-computer types on eBay that are likely going to get suckered by that.
 
V8Voyager said:
The rule of thumb I use when logging on to ebay or paypal. I always, purposely give the wrong password. If it doesn't kick it back, you know you've been redirected.
Click to expand...

sweet!
 
V8Voyager said:
The rule of thumb I use when logging on to ebay or paypal. I always, purposely give the wrong password. If it doesn't kick it back, you know you've been redirected.
Click to expand...

HEY! That's a good one!
 
Have you tryed the free file SPOOFSTICK it's an IE addon that displays the name of the site your on if IE reports Ebay and it's not Spoofstick lists the correct URL.
 
I got a paypal message the other day but it was sent to an email address that I use for the places that I am not sure off. It had a link as to where to log in to to check for a foreign user trying to access my paypal. I only used my valid email addy for my paypal so I knew it must be bogus. Some of those aholes will try anything.:mad:
 
mealso said:
Have you tryed the free file SPOOFSTICK it's an IE addon that displays the name of the site your on if IE reports Ebay and it's not Spoofstick lists the correct URL.
Click to expand...


Cool! Thanks.

I've got an anti-spoof thing that my bank gave me for free, but as far as I know it only works for the bank's sites.

I'll check out spoofstick.
 
Quote from ebay

"If you are ever concerned about an email you receive from eBay, simply follow these steps:

1. Open a new Web browser and type www.ebay.com into your browser
address field to go directly to the eBay site.

2. On eBay, sign into your account and click the "My eBay" button at the
top of the page.

3. Check the My Messages section located at the top of the My eBay page.
If an email affects your eBay account, it's now in My Messages. Any
email sent to your registered eBay email address from eBay or from
another eBay member via eBay's member-to-member communication system will now appear in My Messages.

Just remember, if you get an email to your registered eBay email address
that looks like it's from eBay about a problem with your account or
requesting personal information, check My Messages first. If it's not
there, it's a fake email.

If you still have any doubt about whether an email message is from eBay,
please forward it immediately to spoof@ebay.com. Do not respond to it or
click any of the links. Do not remove the original subject line or change the email in any way when you forward it to us."
 
i love the ebay emails stateing you have payed for something or have recived payment for something...useualy stupid "popular" electronics(ipods and such) or high $$ cars/bikes
 
Feb 13, 2007
71 challenger in "cars and trucks" no picture or gallery picture. redirects. Can you report these? how do you stop it long enough to?
 
The item number shuold be the same. If it's not, then they've done a crappy job on the scam.

ANother way is if you are looking at the auction item in a list from doing a search, you can get the item number from the link by hovering over the link or right clicking and checking the properties
 
POOF! it's gone already :giggedy: before the password page came up, I did see it was from San Jose CA

....and let's be careful out there :bravo:
 
You must log in or register to reply here.

SiteLock

SiteLock
Back
Top