So I get an email in my box the other day from eBay, saying that “someone had used your account to make fake bids at eBay” and that I needed to login to my account to verify.
They said I had 48 hours to respond and provided a link to sign into my account… so I did. Here’s a copy of the email I recieved.
Then I ended up at a page that looked like an eBay page but none of the links were working. I thought that was strange, so I took another look at the email. And then it hits me, this is probably a scam!!
Yep, I fell for one of the latest scams online…
Sending people emails asking them to login to their accounts for some reason (could be a bank account, eBay account, Paypal account, etc). The scammers have set up a webpage that *looks* like the right page but is actually on the scammers server. So when you login at this fake webpage, they capture your information and can go to the real site to login under your name. Big time yikes there!! Especially for any money related accounts.
So what did I do? Well I sent a copy of the email to eBay to make sure that it was a scam… it was. I then logged into my eBay account to change my password and to make sure I didn’t have any credit card info in there (I didn’t, whew!). I then smacked myself on the forehead cause I should know better, being the online *pro* and all… LOL. 😉
Just goes to show that these guys are good, sneaky buggers!
As a rule of thumb don’t ever login to a webpage using a link from an email… instead go direct to the website itself and login from there. The display URL in an email can look like the real deal, but they could have a different hyperlink behind the display.
Example: The email I received had a display URL of:
http://scgi.ebay.com/verify_id=ebay &fraud alert id code=00937614
Which looks like it is going straight to eBay… but in reality it went to this webpage:
http://210.188.194.161/.ws/eBaySuspension/signin.ebay.com/aw-cgi/eBayISAPI.dllSignIn-ssPageName-hhsin.php
That ain’t no eBay page! I’ll say it again… sneaky buggers.
So beware, learn from my mistake on this one. 🙂