Emails masquerade as eBay portal queries
vnunet.com, 06 Jan 2006
Criminals are again targeting eBay members, this time by sending forged auction inquiries from what appears to be the site's 'Question from eBay Member' message portal, according to security experts SpamStopsHere.
Account holders are prompted to respond to the inquiry by clicking the 'Respond Now' button in the email, and are then directed to a fraudulent eBay log-in screen.
After the seller has entered their log-in information the fraudsters steal their identity for later use.
Known as 'spear phishing', the attack is distinctive in that it is targeted and focused on one end user or organisation at a time.
Spear phishing emails are designed to appear as if they are sent from a trusted individual or company, and typically ask for log-in IDs and passwords.
Ted Green, chief executive at SpamStopsHere, said: "We are seeing an evolution in phishing and spear phishing attacks, and the sophistication is constantly increasing.
"Cyber-criminals are relentless in developing new and ingenious methods of monetary and identity theft."
Ebay members were targeted in a mass phishing campaign before Christmas which represented 96 per cent of all UK phishing attacks in December.
How web services contribute to data headaches
Remote access - Three steps to getting connected
3.4 million UK professionals now work from home – is your company equipped?
Cost benefits of a global collaboration network
This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.
Chris Adams, Office Client product manager for Microsoft UK, explains...
Critics says government proposals to curb illegal downloading are unworkable...
Do you agree?
Have your say on this article