Recently I’ve received a couple of emails purporting to be from PayPal and eBay alerting me to suspicious activity at my account. They asked me to login and verify my information. Luckily, I’m a suspicious person by nature. Probably has something to due with being abandoned at the Grand Canyon by my parents. Can you imagine? The Grand Canyon?! No imagination.
Anyway, I realized that I was a near-victim of phishing; a phony email send by someone trying to trick me out of my PayPal and eBay information, or more. These emails lead you to duplicitous sites that look like the real thing and ask for your personal information.
Since at least once a day I get an email from a client asking about one scam or another, I figured I’d blog about my PayPal/eBay phishing experience.
The emails have the look and feel of a legitimate missive from the companies named. However, closer inspection of the emails reveals their bogus-nicity.
The PayPal email has a subject line of "Important notification about your account" and was addressed from service@paypal.com. It tells me that they "recently noticed one or more attempts to log in to [my] PayPal account from a foreign IP address." They go on to tell me that "For the moment [my] PayPal account is temporally subject of verifications."
This almost makes no sense, even if they mean temporally as "of, relating to, or limited by time," as opposed to "of or related to the material world." I think they meant "temporarily subject to verification."
They go on to tell me that I "must visit the link below and enter [my] detailes (sic) on the following pages."
Even if I believed that PayPal doesn’t own a spellcheck, I’d be concerned. Once you look at the code or click on the link–which I never recommend–you’ll see that you are going to a Web page that’s not at PayPal, no matter what it may look like. You can tell by the URL: http://www.placesafe.com/verification/ users/cgi-bin/login.php. It does appear to be a "place safe," but it’s not PayPal.
The eBay email was no more sophisticated. The email was titled "eBay Fraud Mediation Request" and came from aw-confirm@ebay.com.
The email warned me that I have "recieved (sic) this email because [I] or someone had used my account to make fake bids at eBay. For security purposes [they] are required to open an investigation into this matter."
Oh, silly con man! Don’t you know? I after E except after C!
There appeared to be a text link direct to eBay’s site where I could login and take care of this matter, once and for all. After all, if I didn’t respond within 48 hours my account will be suspended!! The link appeared to be pointing me to eBay’s site:
http://scgi.ebay.com/verify_id=ebay &fraud alert id code=00937614
However, by looking at the source code or by clicking on the link we can determine that the link actually goes to http://210.188.194.174/.ws/eBaySuspension/signin.ebay. com/aw-cgi/eBayISAPI.dllSignIn-ssPageName-hhsin.php…a much less reassuring URL.
So how can we protect ourselves if the grifters out there ever purchase a spellcheck? Well, my advice is to NEVER click on a link in an email that requests information. Instead, login to your account through your normal pattern. That way you can be sure that you’re accessing the right site.
ADDENDUM: I’ve recently posted a related article on PayPal and fraudulent emails here.
This is my 100th post! 
Flyte recently helped our client, Tim Porta, set up a blog for 
Searching the past is so five minutes ago.
