The Latest eBat Identity theft scam !

[NOSValves]

Recieved this in my In box this morning the scams never end !

Dear eBay member,

We recently noticed one or more attempts to log in to your eBay account from a foreign IP address and we have reasons to believe that your account was used by a third party without your authorization. If you recently accessed your account while traveling, the unusual login attempts may have been initiated by you.

The login attempt was made from:

IP address: 68.190.191.68

ISP Host: 68-190-191-68.slt-cres.charterpipeline.net

By now, we used many techniques to verify the accuracy of the information our users provide us when they register on the Site. However, because user verification on the Internet is difficult, eBay cannot and does not confirm each user's purported identity. Thus, we have established an offline verification system o help you evaluate with who you are dealing with. The system is called ebay PowerSafe and it's the most secure eBay wallet so far.

If you are the rightful holder of the account, click on the link below, fill the form and then submit as we will verify your identity and register you to ebay PowerSafe.

To make eBay.com the most secure site to place or bid on your auctions,every user will be registered to PowerSafe.

If you choose to ignore our request, you leave us no choice but to temporally suspend your account.

* Please do not respond to this e-mail as your reply will not be received.

Regards, eBay Inc.

[Deang]

I don't know Craig, sounds like the real deal to me. Look man, it says they're going to suspend your account if you don't do it.

[Piranha]

You did re-register right?

If not, I will make it easy for you. Here ya go.

[maxg]

They get better each time dont they. On occasion - when I have really not been sure whether it is real or not I go directly to ebay (not following the provided link), login, and see if there are any messages or instructions relating to the email.

If not I do nothing.

I wonder if my account still works

[NOSValves]

Yea right! When receiving any email from paypal, eBay or whatever I always right click and properties to see where it originates from and sure enough if you look through it closely you will always find something strange. This is another classic example of why people need to be ultra careful and research every relationship that they form on the internet whether on a public forum or through email. Anyone can be anything behind a keyboard.

Craig

[Piranha]

Uhummmmm....and just who might you be referring to?

[dubai2000]

Don't ebay and paypal always address their customers by full name? I try to be extra careful with such mails as well....touch wood, so far I've been lucky....I guess/hope... .

Wolfram

[NOSValves]

----------------

On 4/16/2004 9:37:15 AM Piranha wrote:

Uhummmmm....and just who might you be referring to?

----------------

LOL !!

[skonopa]

Another thing to keep in mind. Every once in a while, I do get a legitamate e-mail from eBay or PayPal (for example, I had an e-mail from PayPal talling me my credit card I use with my account was about to expire).

Every single time, they tell me to simply log into my own account using my own username and password and update the information there. Never, have they provided a link to some form asking for everything and anything about me. Just telling me to log into my account and update the information there.

Anything that asks you to fill in some form and submit it, is highly suspect, regardless from whom it is. The legitimate e-mails from these services just simply want you to log into your account and update it.

Also, check the url displayed in the address box in your browser. If it does not start with "https//", that is also a good bet it is not legitimate.

As somebody already mentioned, contact eBay directly, perhaps with a copy of the message attached to your e-mail and ask them if this is legit. More than likely, it is not. NOSValve, I would report this to eBay proper.

[NOSValves]

Steven.

Very sound advise and what I do every single time if I have trouble finding the strangeness viewing the source of the email.

Craig

[ygmn]

imagine what worldy problems these hackers could solve if they put their attention to them...instead...they resort to common theivery.....

Hang em by the toe nails I say

[3dzapper]

if I have trouble finding the strangeness viewing the source of the email.

???????????

Max and Steve gave the right advise. When in doubt, delete. And have a good firewall, virus protection, spyware protection and adware protection. Even on Yahoo with spamguard spam happens.

Rick

[anarchist]

Nos,

Your 'registration button' belongs to this company. Perhaps folks would like to drop them a line and ask a few questions.

Organization:

CashMaster Business Systems, Inc.

Marilyn Kyd

15009 8th Place West

Lynnwood, WA 98037

US

Phone: 425-742-7120

Fax..: 425-742-2897

Email: marilyn@MomThoughts.com

It is also interesting to know if you drop off the 'validate.php from url from the ip address you get a whole different site from this server which bears no resemblence to ebay.

For further giggles, the site was designed by some guys called com-pro.net:

hard and soft

Max Haas

Feldgasse 9

Voecklabruck, AT 4840

AT

Phone: 0043-7672-28315

Fax..:

Email: max.haas@voecklabruck.com

In short, hard and soft dba com-pro.net (located on a server in AT)created a site for a hotel which happens to be in Voecklabruck and is located on a server registered to CashMaster (US) containing a subdirectory which contains an Ebay theft identity script.

It's a shame hacking back into a thiefs system is a criminal act or I might have some fun here.

[NOSValves]

----------------

On 4/16/2004 10:57:10 AM 3dzapper wrote:

if I have trouble finding the strangeness viewing the source of the email.

???????????

Max and Steve gave the right advise. When in doubt, delete. And have a good firewall, virus protection, spyware protection and adware protection. Even on Yahoo with spamguard spam happens.

Rick

----------------

Rick,

Just to be clear here. Once a email is in your inbox on your computer it has already past your firewall, Virus software and the works. Right clicking on it and choosing properties only affords a chance to look at the path it took to reach your inbox. No danger there at all. Its the best way to see if a email is from who it says it is from.

Craig

[anarchist]

Ok,

Since I am occasionally a pr^ck and these little script kiddies piss me off, I followed Marilyns trail to her other website. Thankfully she asks for feedback on her site or just to vent, so I submitted the following to her:

why is there an ebay identity theft script located on your server belonging to Cashmaster Business Systems Inc? Why are fraudulent emails being sent to unsuspecting ebay members requesting them to use that script and subsequently give their personal information to a fraudulent company? Ebay has been notified.

If SHE isn't responsible, she certainly will want to know how a theft script was placed on her managed assets jeopardizing her reputation.

[3dzapper]

Good job,Anarchist!

Rick