Jilara (jilara) wrote,

Ebay identity grabber message

Well, my yahoo account got an interesting little tidbit, today. It was slick, really slick, a mechanized account grabber. It even had a return address that was correct in every detail for ebay. It stated that your account would be temporarily suspended unless you updated info, and asked you to enter your user name and password. So I entered "fakeuser" and password "spoofit" and checked what would happen. It gave a server failure message. I noted the adddress, and went there in my browser. It took me to a web hosting service that said the web page in question with that domain name was not available yet, but email was being delivered there. Hmm, interesting. I then sent everything off to ebay, who sent me back a "Yes, we are investigating this identity theft site" notice. Wow, I can see the nonsavvy falling for this one in droves. It was really good, really slick. It's only because I have a perverse interest in this stuff that I knew instantly that it was an identity grabber (I hang out of the ebay security discussion group a lot). Very, very well done. Scary stuff, when you think of mom and pop America blythely falling for it.
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened