eBay scam site nipped in the bud
Print storyLet's be careful out there
Posted in Security, 25th November 2002 16:10 GMT
Free whitepaper – Vulnerability management buyer's checklist
A spate of emails inviting eBay customers to divulge usernames and passwords to a scam site reached epidemic proportions last week.
The emails invited the foolhardy to hand over confidential details to a site called change-eBay.com, Needless to say, this has no affiliation with the online auction site. change-eBay.com was acquired using a stolen credit card and has since been closed CNET reports.
In the scam, users are told that their file has been tampered with and are directed to the fraudulent site to "update your eBay billing file". It's unclear how many people were taken in.
change-eBay.com is the latest in a long line of similar (relatively unsophisticated) scams, which have also targeted PayPal (now part of eBay) and Hotmail users. It's unlikely to be the last although judging from our own emails and those sent in by readers it is one of the most prolific.
So, for the avoidance of any doubt: NEVER respond to emails requests for your credit card information or password. ®
Related stories
PayPal spoof site sought credit details
Online Fraud Museum details CC hacking techniques
Evil spammers jailed for two years
The business case for application security
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Server-gated cryptography
Airport insecurity: the case of lost laptops
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive