Re: Identity theft scam against eBay users

From: Patrick Bryant <pi(at)pbryant.com>
Date: Mon Feb 10 2003 - 20:29:43 EST

The text in the "hook" email in my incident is slightly different. I'm including it below. Note subtle grammical errors in the text.

I've been trying to advise eBay all day, since it's their name that's being exploited, but all of my calls and emails have fallen into a blackhole.

It now appears that the attackers are playing a shell game with the redirector site. Even though the site that receives the victim's post (bayers.netfirms.com) has been shut down, now the attackers are redirecting to at least one different site for receiving the posts.

Here's the text that initiated my team's involvement:

---

Dear eBay User,
During our regular update and verification of the accounts, we couldn't verify your current information. Either your information has changed or it is incomplete. Please update and verify your information by signing in your account below : If the account information is not updated to current information within 5 days then, your access to bid or buy on eBay will be restricted.
go to this link below:

---

Jordan K Wiens wrote:

> A user on our network just reported a very similar situation, however the

---

This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Mon Feb 10 23:05:53 2003