Bogus eBay scam

Seems like I'm getting more and more email of this variety. I've recently received very 'real' looking Citibank, PayPal and the below bogus eBay email. Looks like lots of folks are receiving similar spam.

How to spot a bogus link

For those of you who receive email like this, rolling over the URL link in the message is usually the main giveaway. They have addresses like domain.com listed as in the above phony email but in reality it will take you to a nefarious site aimed at collecting your personal information. The way they fool most folks is through keeping a portion of the 'real' domain intact. For example they keep domain.com but add something like @101.101.101.255 to the end of the domain, effectively rerouting it. Sometimes the redirection is hidden so it's not as obvious as my 101 example but either way, just because a portion of a URL appears to be correct is no reason to trust it. I'll give you a sample of wacky IP tricks, here is a link to Hotmail.com.

For more on wacky IP addressing, here is an old post on the subject. The lesson: when a company contacts you via email to change your sensitive credit or personal information, it's best to go to the address you know them by and change your profile from there. I'm sure there are exceptions to the rule, but isn't it worth highly scrutinizing banking and finance correspondence?

Comments

Popular posts from this blog

In the interest of full disclosure