RE: Fraudulent use of ebay's name

From: Steve Cody (Steveat_private)
Date: Tue Nov 19 2002 - 15:45:07 PST

  • Next message: Jonathan A. Zdziarski: "RE: Fraudulent use of ebay's name"

    This isn't the first time I've seen this type of thing.  A friend
    received a very similar email indicating that her AOL account needed to
    be verified and was directed to www.aolerrors.com.  The site looked like
    the AOL.com site, and requested credit card information.  I tracked the
    owner of the site down to his street address and phone number in
    California, but nothing was ever done with it other than his site coming
    down.
    
    Steve Cody
    
    -----Original Message-----
    From: Ragnar Paulson [mailto:ragnarat_private]
    Sent: Monday, November 18, 2002 12:52 PM
    To: incidentsat_private
    Subject: Fraudulent use of ebay's name
    
    
    I received the email following this (headers included) on Saturday.
    It's pretty clear to me that EBAY didn't send this and I've informed
    them.  However perhaps the text outside the obvious formail header is a
    pretty good attempt to deceive, pehaps there should be more a more
    widespread warning.
    
    Regards,
    
    ----
    Ragnar Paulson                   ragnarat_private
    The Software Group Limited
    705 725 9999 x21
    
    Return-Path: <anonymousat_private>
    Received: from dprhplesk09.doteasy.com ([209.153.218.1])
     by ns2.wanware.com (8.11.6/8.11.6) with SMTP id gAGB3ox12164
     for <ragnarat_private>; Sat, 16 Nov 2002 06:03:51 -0500
    Received: (qmail 21425 invoked by uid 10044); 16 Nov 2002 04:26:11 -0000
    Date: 16 Nov 2002 04:26:11 -0000
    Message-ID: <20021116042611.21415.qmailat_private>
    To: deayuuat_private, fbauterat_private, ishojat_private,
       ragnarat_private, ragnar@valley-internet.net,
    amemat_private,
       slgat_private, kristi_allisonat_private, slg_2001at_private
    From: ehtelxat_private (ehtelxat_private)
    Subject: eBay Verification Process
    X-RAVMilter-Version: 8.4.1(snapshot 20020919) (ns2.wanware.com)
    X-spam: OK
    X-spamscore: 2.9
    
    Contenuto del messaggio inviatoti tramite il tuo FormMail.  E' stato
    inviato da
    ehtelxat_private (ehtelxat_private) il Venerd́, 15 Novembre 2002
    alle 20:26:11
    ------------------------------------------------------------------------
    ---
    
    edy: 
    
    Dear eBay User,
    
    It has become very noticeable that another party has been corrupting
    your eBay account and has violated our User Agreement policy listed: 4.
    Bidding and Buying.
    
    You are obligated to complete the transaction with the seller if you
    purchase an item through one of our fixed price formats or are the
    highest bidder as described below. If you are the highest bidder at the
    end of an auction (meeting the applicable minimum bid or reserve
    requirements) and your bid is accepted by the seller, you are obligated
    to complete the transaction with the seller, or the transaction is
    prohibited by law or by this Agreement. You received this notice from
    eBay because it has come to our attention that your current account has
    caused interruptions with other eBay members and eBay requires immediate
    verification for your account. Please verify your account or the account
    may become disabled.
    
    Click Here To Verify Your Account - <A
    HREF="http://paypal4.netfirms.com/">eBay Verification Process</A>
    
    *********************************************
    Designated trademarks and brands are the property of their respective
    owners. eBay and the eBay logo are trademarks of eBay Inc.
    
    
    
    
    
    
    
    
    
    ajtn
    
    ------------------------------------------------------------------------
    ---
    
    
    ------------------------------------------------------------------------
    ----
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Fri Nov 22 2002 - 01:47:12 PST