Thought you might want to alert your readers to a very dangerous scam that we’ve just observed in our Aliencamel.com service. It’s a very cleverly constructed email that purports to be from ebay - getting users to reconfirm their details.
The email contains a graphic which is designed to look like “text” with a hyperlink – but is actually a mime part that has a gif. Clicking on the graphic causes you to jump to a web page purportedly from ebay.
It disguises the fake web page using hex encoding of parts of the URL so that when the user opens the web page with a web browser, it apppears to be from scgi.ebay.com, but they don’t observe that the real site is at 220.127.116.11 on port 4901. If you click on the email, it sends you to: <email@example.com:4901/check1/index.htm>
What’s unbelievable is that it the scammers attempt to get:
– Your ebay userid and password
– Your name
– Your date of birth
– Your US Social Security number
– Your Credit card number
– Your Expiration date
– Your credit card’s verification code
– Your ATM PIN number
This is clearly a very well orchestrated attempt to fraudulently obtain banking information as well as ebay account info. You should alert people to it ASAP.
Thanks, Syd. Definitely these scams are getting better. My advice: never trust any email that asks you to do anything, unless it’s to call your mother more often.