Phishing is an attempt to falsely acquire sensitive information from you, such as your eBay/PayPal passwords and ID, by getting you to respond to an official looking email by clicking on a link featured on it. The link directs you to an authentic looking sign-in page which is really a pharming site. This can be an eBay page or an official looking site where you are asked to update personal information, such as passwords and bank details.
Another way of trying to get your eBay password is the use of something called an “overlay” page. You’re looking at an auction, decide to bid/watch the item/check sellers feedback and when you click on any button on that page you are immediately redirected to a spoof ebay login page.
Phishing emails are often sent through a hijacked account with a link or a file that contains a virus or a redirect to a pharming site. Additionally, after the account owner responds to the email, that account is hijacked.
The reports of this happening are drastically mounting. New automated phishing software available combined with excellently put together spoof pages puts this on the increase.
Sometimes just clicking on the link appears to do nothing. But, even if you did not enter any financial or personal information (passwords, credit card details, etc), you could still be at risk.
When you click on something in these emails, you're requesting access to some unknown server... somewhere. Before you're allowed access to that server, your IP address, your Operating System & version, your browser & version, your screen resolution, perhaps what brand of AV software you're running, possibly your name — if your computer is registered to you — and a whole bunch of other assorted stuff will be sent to that unknown server which will show you the fake eBay or PayPal login page. This data that's been sent becomes a part of the Server's Log Files. The scammers, since they've already hacked the server, have ready access to the Log Files, and they extract all this data and sell it to anyone who'll pay their asking price or even use it themselves.
And in many of the newer emails, clicking on anything — link, button, text, border, logo, etc. can set the running of a script in motion. What the script can do depends on the mood and skill of the sender, but these scripts, in emails, are very rarely to the benefit of the user.
Also, some Trojans (any one of about 500, currently) can also be downloaded through one simple click.
These Trojans are designed to do two things:
1. Steal passwords
2. Hide from Anti-Virus software, as they download
That is why the best action to take when handling these emails is this: No action at all, ignore and delete. If you wish to forward them on to eBay or PayPal, that's okay... just don't click on anything in any of these. This failure to respond is the safest for you.
If you have clicked on a link, you'll need to clean your computer, then change all passwords for eBay, PayPal, email and any online banking. Make sure that your password isn’t a weak one. Use both letters and numbers (but not initials or date of birth).
You'll need to register a new email password before speaking with them so do that first.
To report someone else’s account as hijacked use this link:
Report account theft
Do not get your friends and neighbours to report it too! It only needs to be reported once. More than this and you’ll just slow Ebay down. There are some other problems here – a compromised auction listing may have an invisible overlay on it. It’s safer not to report from within the listing using the ‘report’ button. Use the link instead.
If you see a “seller added this” box containing a message requesting that any potential bidders contact a g-mail address prior to bidding then you’re looking at a hijacked account. Write down the seller’s ID and the item number and hit the back button! Report using the link above.
It’s a jungle out there!! There are always different phishing mails doing the rounds. They may tell you that you've been suspended for shill bidding, haven't paid an invoice, problem with your Ebay bill....just copies of normal Ebay notices, really.
If you have any queries just post a question on the Q&A boards, you'll get a response within minutes. There is also an excellent HTML and Technical board where you can get techy advice.
