E-Bayers beware - new phishing scam!

Phishers Steal Trust from eBay Sign In Pages Security.

Fraudsters have exploited a flaw in the eBay web site that allows them to orchestrate phishing attacks using eBay’s own Sign In page.

Registered users of eBay’s popular online auction web site must sign in using a username and password in order to participate in bidding and listing of items. A new style of phishing attack reported through the Netcraft Toolbar community shows fraudsters exploiting flaws on the Sign In page and on another ancillary page which results in victims being redirected to the fraudster’s phishing site after they have logged in.

This particular attack starts off like many others, by sending thousands of emails that instruct victims to update their eBay account details by visiting a URL. However, that is where the similarity ends, because the URL in this case actually takes the victim to the genuine eBay Sign In page, hosted on signin.ebay.com. By including special parameters at the end of the URL, the fraudster has changed the behaviour of the Sign In page so that when a user successfully logs in, they will then be sent to the fraudster’s phishing site via an open redirect hosted on servlet.ebay.com.

The eBay Toolbar reports that the maliciously modified Sign In page is a “Verified eBay Site”. Conversely, the Netcraft Toolbar denies access to the modified page while still allowing access to genuine eBay Sign In pages.

The victim is more likely to trust the contents of the fraudster’s site, because they have arrived there as a result of signing into eBay via a genuine eBay Sign In page. Because there is less reason to suspect anything is awry, the victim is more likely to surrender any sensitive details in the mistaken belief that they are really giving them to eBay.

Theft of eBay and PayPal accounts is of particular interest to fraudsters, as they can be used to launder money and list phony auctions for high value goods, piggy-backing off someone else’s positive feedback.

This is from >> Netcraft <<


Here is another scam going around…
A complaint has been filed against you in the Fraud Reporting Form at

Complaint Tracking Number: 205873935
By: x x@x.x
Item #: 2996804910
Winning Bid: $36.00
Payment Method: PAYPAL
Date Complaint Filed: July-27-05 11:49:48 PDT
Nature of Complaint:
I sent a payment but never received any merchandise.
Text of Complaint: I won an auction for a $500 Pep Boys Gift
Certificate. It was a certificate number which you entered after ordering
online. We were told by Pep Boys, that the certificate number was stolen
and not valid.

In the next 3 days, please visit the Fraud Reporting Form to resolve
this complaint with caseylynncarroll. If you do not do so,
caseylynncarroll will receive information about the appropriate agencies
to contact and/or to file charges against you. Moreover, if these agencies
determine that you have committed fraud, eBay will suspend your membership
The Fraud Reporting Form is accessible at :

MailScanner has detected a possible fraud attempt from “www.kvsa.org” claiming to be https://arribada.ebay.com/saw-cgi/eBayISAPI.dll?fraud

Regards, If you are not aware of this item being sold on your ebay account, Please
goto the link below and reactivate your account status.

MailScanner has detected a possible fraud attempt from “www.kvsa.org” claiming to be https://arribada.ebay.com/saw-cgi/eBayISAPI.dll?fraud


Thank you,
Fraud Reporting Form
Please note: eBay does not endorse the claims of either party set forth
in this complaint. We are merely trying to facilitate a satisfactory
resolution between you and caseylynncarroll by acting as a reporting and
information service. We hope it is not necessary, but if you have any
questions regarding the validity of these claims or your position in
the matter, you are encouraged to seek the advice of legal counsel.
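
Added example, not part of the original post or of Netcraft's report: a mail-link check covering both cases above, the link whose visible text names a different host than its real target (what MailScanner flagged) and the link to a genuine sign-in host whose query string carries a redirect chain that ends off-site. The function names, the paths, the `ru`/`u` parameter names and `phish.example` are assumptions made for the illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def _split(url):
    try:
        return urlsplit(url.strip())
    except ValueError:  # malformed authority, e.g. an unbalanced "["
        return urlsplit("")

def host(url):
    return (_split(url).hostname or "").lower()

def same_site(h, trusted):
    return h == trusted or h.endswith("." + trusted)

def embedded_hosts(url, depth=3):
    """Hosts of absolute URLs carried in query values, following nested redirects."""
    found = set()
    if depth:
        for _, value in parse_qsl(_split(url).query):  # decodes one layer of %-encoding
            for inner in URL_RE.findall(value):
                found |= {host(inner)} | embedded_hosts(inner, depth - 1)
    return found

def vet_link(href, text, trusted="ebay.com"):
    """Return findings for one mail link, given its real target and its visible text."""
    findings = []
    shown = URL_RE.search(text)
    if shown and host(shown.group()) != host(href):
        findings.append(("text-href-mismatch", host(href)))
    if same_site(host(href), trusted):
        offsite = sorted(e for e in embedded_hosts(href) if e and not same_site(e, trusted))
        findings += [("trusted-host-redirects-offsite", e) for e in offsite]
    return findings

# Constructed sample. Hosts come from the post (phish.example is a placeholder);
# the paths and the "ru"/"u" parameter names are hypothetical.
SAMPLE = [
    ("http://www.kvsa.org/", "https://arribada.ebay.com/saw-cgi/eBayISAPI.dll?fraud"),
    ("https://signin.ebay.com/signin?ru=https%3A%2F%2Fservlet.ebay.com%2Fredir"
     "%3Fu%3Dhttp%253A%252F%252Fphish.example%252F", "Update your account"),
    ("https://signin.ebay.com/signin?ru=https%3A%2F%2Fwww.ebay.com%2F", "Sign in"),
]

if __name__ == "__main__":
    for href, text in SAMPLE:
        print(vet_link(href, text) or "ok", href)
```

The second sample link passes a plain "is the host on ebay.com" test at both the sign-in page and the first redirect hop, which is why the check walks the nested query values rather than stopping at the outer host.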