Welcome | Sign In
ECommerceTimes.com
ID Security

Two Phishing Scams Target PayPal, eBay Users

Print Version
E-Mail Article
Reprints
Two Phishing Scams Target PayPal, eBay Users

By Susan B. Shor
TechNewsWorld
Part of the ECT News Network
08/12/05 9:10 AM PT

Because Internet users are becoming more suspicious about clicking on links in e-mails, the phishers may have devised the new scam to trick them into thinking that faxing information is safer. This scam, however, contains some obvious clues that something isn't right.


Increase Customer Sales with VerticalResponse Email Marketing! Quickly and easily send email newsletters, coupons & sales announcements to your customers – no technical expertise needed. Sign up for your Free Trial today and send 100 emails on us!

Two new phishing scams, one targeting PayPal and one eBay (Nasdaq: EBAY), are making the rounds on the Internet today, the anti-malware company Sophos said.

In the first, scammers are using a new twist: Instead of trying to get PayPal customers to input personal information on a bogus Web site, the e-mail sends them to a site hosted in Poland.

Bogus Investigation

The site contains a Microsoft (Nasdaq: MSFT) Word document purported to be from PayPal and asks them to fill that out and fax it back to a toll-free number. The scammers are using the ruse that someone has tried to reset the customer's Increase Customer Sales with Email Marketing -- Free Trial from VerticalResponse password and PayPal needs information from them to proceed with an investigation.

"It's perhaps possible that the number is being redirected to a satellite phone -- in which case the criminals could be sitting in a boat in international waters -- or one of these efax numbers which redirects to a computer running fax receiving software," Graham Cluley, senior technology consultant with Sophos, told TechNewsWorld about where the scam may be located.

Because Internet users are becoming more suspicious about clicking on links in e-mails, the phishers may have devised the new scam to trick them into thinking that faxing information is safer.

This scam, however, contains some obvious clues that something isn't right, Cluley said.

"The e-mail contains some grammatical and layout errors which should raise suspicions," he said. "Generally, we would tell people to be suspicious of any unsolicited e-mail. Legitimate organizations would never ask you to reconfirm your banking and credit card information in this way."

Appeal to Good Nature

The second scam targets the humanitarian impulses of eBay users. It claims to be an e-mail from Greta, an 87-year-old, who has bid on a wheelchair, but cannot find the auction. She asks for help through a "respond now" button in the e-mail that leads to a bogus Web site mimicking eBay. If users type in their login names and passwords, they will be stolen, Sophos said.

"In the past phishing commonly tried to get users to log into a bogus Web site to reconfirm their details, or pick up a security message. This technique of targeting the public's desire to show generosity and help others is a sign that the older tricks are proving less effective because of their over-use," Cluley wrote in a SophosLab warning about the scam. "We should not be surprised if the phishing gangs continue to innovate in the psychological stings they use to fill their pockets with other people's cash."

Print Version E-Mail Article Reprints More by Susan B. Shor

Talkback: Be the first to comment on this story.

More by Susan B. Shor

Salesnet President Jonathan Tang Ready to Take On Salesforce.com
February 07, 2006
"We think it's Salesnet's time now. We've been around since the beginning, we've been lying low, but you're going to start to see more of us. We've done it through organic growth and happy customers. We continue to focus on customers." 		Comcast Follows Time Warner in Offering 'Family' Programming Tier
December 23, 2005
"The demand for this type of tier is coming from the FCC and Christian conservatives. It has nothing to do with legitimate consumer demand," Todd Chanko, senior analyst at Jupiter Media, told the E-Commerce Times. 		High-Risk Flaw Found in Symantec's Software
December 22, 2005
"Part of the significance of this vulnerability announcement is that your machine can be exploited without you needing to do anything at all. You don't even have to open an e-mail or attachment, and this happens with the default configuration of the product," said Forrester Research senior analyst Michael Gavin.
Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]
Shortcuts
> Get Business and Technology News Alerts
> Most Popular | Spotlight Features | Exclusives
> This Week on ECT News Network | Podcasts
> Online Retail Transaction Performance Indices
> Inside E-Commerce Times
White Papers | Case Studies | Reports
9 Proven Techniques to Double your Sales. Sign up for the free eBook!
Leveraging Social Media To Boost E-Commerce Holiday Sales
The Business Case for Virtualization Management: A New Approach to Meeting IT Goals
Why Offshore Projects Fail: 6 Things to Know Before You Outsource
VCs Speak Out: Where the Tech Investments Are Going
E-Commerce Times
TechNewsWorld
CRM Buyer
LinuxInsider
MacNewsWorld
Today's E-Commerce Times Sponsors
Complimentary Webinar
How Much is 'Free' Costing You? DaveRamsey.com’s 567% ROI with Enterprise Analytics
Entrust Extended Validation SSL
Entrust EV SSL certificates -- "go green" for less. Now from only $199 per year.
Avaya Aura™
Save up to 40% on calling costs with Avaya Aura™
Trend Micro Smart Protection Network(TM)
Lower your content security management costs by up to 40%.
ECT News Network Information
Reader Services
Corporate
ECT News Network
Terms of Service | Privacy Policy | How To Advertise
Copyright 1998-2009 ECT News Network, Inc. All Rights Reserved.