Wednesday, March 03, 2004

I just got an email with the subject

RE: Question for seller -- Item #180346979

Hmmmm. I didn't ask any sellers any questions. My first thought was that my ebay account had been compromised, and that someone was running roughshod over my reputation, bidding on everything and causing major problems. On the email was a handy-dandy link to ebay to view the item!

This is a sneaky bastard of a phishing email. They are (ph)fishing for information - like, if I click on the handy link (which LOOKS like a real ebay link, but is actually NOT - it goes to some owned users machine in NC), I get prompted for my ebay username and password on a screen which looks exactly like the real ebay screen. But it isn't on an ebay server.

Someone copied the ebay screen look, made a page that looks just like it but funnels the information you enter into a private database that they can then use or sell to other nasty people.

Don't fall for this, people! If you get any emails from ebay or paypal, or any visa company, or any other vendor, company, or other place on the web with intructions to 'verify' your account or view your status or check your settings - it could be a fake email designed to get you to enter your passwords into someone else's website!

NEVER click on links in emails unless you are positive that they lead to the right place. Even then, why not open up a browser and go to the site manually? Takes a bit longer, but is pretty much foolproof.

This mail in particular is scary because it ALMOST got me. If I hadn't had html disabled in my outlook email, I would have seen only the ebay link address that they wanted me to see, not the fact that that was just a text label for the false link to their website.

Disabling HTML is the single most important thing you can do (besides applying all security patches) to protect yourself against viruses and this sort of phishing email. How do you do that?

I can tell you, but be warned that it involved making direct changes to the registry and works for Windows 2000 - I do not know if it works for Windows 95/98 or any other flavor of Windows.

This website has the instructions for how to do this. If you don't know how to edit the registry, you shouldn't be doing this - find someone who can do it safely.