Criminals are again targeting eBay
members, this time by sending forged auction inquiries from what appears to be
the site's 'Question from eBay Member' message portal, according to security
experts
SpamStopsHere.
Account holders are prompted to respond to the inquiry by clicking the
'Respond Now' button in the email, and are then directed to a fraudulent eBay
log-in screen.
After the seller has entered their log-in information the fraudsters steal
their identity for later use.
Known as 'spear phishing', the attack is distinctive in that it is targeted
and focused on one end user or organisation at a time.
Spear phishing emails are designed to appear as if they are sent from a
trusted individual or company, and typically ask for log-in IDs and passwords.
Ted Green, chief executive at SpamStopsHere, said: "We are seeing an
evolution in phishing and spear phishing attacks, and the sophistication is
constantly increasing.
"Cyber-criminals are relentless in developing new and ingenious methods of
monetary and identity theft."
Ebay members were targeted in a mass phishing campaign
before Christmas which represented 96 per cent of all UK phishing attacks in
December.
Do you agree?
Have your say on this article