Bearing in mind the virus that was described here a few days ago... I just received an email from Ebay which reads in part: Dear valued eBay member, We regret to inform you that your eBay account has been suspended due to concerns we have for the safety and integrity of the eBay community. Per the User Agreement, Section 9, we may immediately issue a warning, temporarily suspend, indefinitely suspend or terminate your membership and refuse to provide our services to you if we believe that your actions may cause financial loss or legal liability for you, our users or us. We may also take these actions if we are unable to verify or authenticate any information you provide to us ------------- AFAIK, I've never dealt with Ebay as such, but I've just finished the steps for 'verifying' my PayPal account, which possibly could have triggered something like this. What makes me suspicious is that the message offers a link for "updating your Ebay records". If I'm too dirty for them, why should I be allowed to "update"? Is this some kind of phishing, or does it seem legitimate?

Dollars to donuts, it's phishing.

DON'T DO IT. Ebays has links about this stuff on their front page. At least they did last week.

In the immortal words of Admiral Ackbar... "IT'S A TRAP!"

ockham >>but I've just finished the steps for 'verifying' my PayPal account,<< ALERT! Was that due to an email sent you from "PayPal" because if it was, THAT was probably also a phishing scam and means bad news, you have to take action at once at ebay and any bank/cc associated with your Paypal account. ::::: Opera :::::

and in the immortal words of Ash: "it's a trap. get an Axe"

Okay, thanks! That's what I figured. Turns out that Ebay's front page actually includes a TUTORIAL on spotting 'spoof' emails. I forwarded this one to them, as they requested.

No, I started the 'verification' on my own. I wanted to start using Paypal in both directions for blog-ads and such.

I just got one from my "bank" asking for info. Sent it on to the bank for them to check out. You will NEVER get a valid request like this via email from any business. Marque

Quick resolution: Ebay's Spoof department responded that this email is a known phisher.

Yep it's fake alright! Once you have an Ebay or Paypal account you'll get these on a regular basis. I contacted Paypal about it and their advice is to ignore these as they would never send out anything like that. They also advised that you should always, always access your account by typing in the URL yourself in the address bar and checking your account that way. There are some right T***s around out there!

We had one about two weeks ago. Aeneas sent it to PayPal, but got an automatized answer. As he had tried to end this PP account for a long time, he got angry and asked the bank for another card as the number was probably no longer safe. We got a new one three days later, and now we feel much better.

I got the same email but funny thing is, I don't have an eBay account....guess the joke was on the phisher. As for PayPal, everytime I get one of those, I forward it to there spoof department.

I set up a yahoo account to catch all the crap that goes around out there. I keep my home email just for family and a few friends to use. At the yahoo account, I get approximately 5-10 of those bank email things every week. I always send them a nice fake name and a nice fake account number and then forward it on to the bank in question. I just like messing with them though. Imagine how useful "U. R. Dum"'s bank info is to them. Kristta

Ockham, I think I know what you're on about. Paypal have two or three different sorts of account, and a "verified" status which seems to depend on them having made transfers to or from a conventional bank account. Here in the UK, opening a bank account needs some basic check on your identity. But all that is done from the Paypal website. You don't get an email invitation. I've found the Mailwasher anti-spam program to be useful -- it has the ability to read a message, and it will tell you what the links really point at.

Imagine how useful "U. R. Dum"'s bank info is to them. Love it!

You don't have to have a PayPal account to get those. And if my bank would send me any meessages via e-mail, those would be probably in Polish, not English. It's easier to throw the spam away when English is not your native language :-)

Kristta, along the lines of sending back the email, what I like doing with all the snail mail that has a business reply envelope is to send it, empty of course. I figure, they paid for it so I might as well use it.

The number one clue that it's fake (aside from the fact legit businesses don't send such crap)is; If it doesn't address you by YOUR ACTUAL NAME, then it's a scam.

I got the PayPal phish too. Deleted the email instantly. Then accessed my PayPal account in the regular way to see if there was any excitement on it. None. Closed the window and the case. That's really the best way. If you think there's a chance the email is legit...don't follow it. Just go to your membership page in the usual way and take a look-see.

This is a scam. If your mail system has the option open the mail with full headers displayed. It is very likely that the originating address is not ebay. Do not use any email links to update or verify information. Go to the website itself. Depending on what you have done get into ebay and perhaps paypal and change your passwords. quoteendquote Are you certain whatever you did with paypal was authentic or have you just passed your paypal account to a third party ?

When my mother gets junk snail mail, she removes any reference to herself, then sends the junk from one snail mail back to a different sender, and vis versa. She has nothing better to do in her retirement, and gets some amusement out of it.

Message edited on: 03/09/2005 18:45

nickedshield, I love to take what they sent, run it through the shredder and send it back in their postage paid envelope. Works great if you have a shredder that makes that confetti like stuff. Usually that confetti stuff works great but for some reason, the mailings from CapitalOne credit card company have quadrupled since I started the confetti war with them. I now send three or four of their envelopes at least every other day. If they want to keep paying, then I'll keep playing. Kristta

what I like doing with all the snail mail that has a business reply envelope is to send it, empty of course. I figure, they paid for it so I might as well use it.

One of my friends does that. He not only sends back everything they sent him, he puts other stuff in the envelope, too. Like jar lids, bottle caps, etc. Anything that's heavy.

" confetti ", hehehehe, you're more demented than I :):):). CitiCards is one of the worse.

...it is as phony as those Nigerian scams. You don't need to have anything but an email address to get these spoof messages. It doesn't matter if you have an account with anybody or his dog, and certainly doesn't matter if you have an account with the supposed firm. I get spoofs by banks I've never heard of threatening to terminate my non-existent account if I don't immediately go online to confirm my personal data. The more popular a site is (eBay and PayPal and the larger banks have LOTS of customers), the more likely that a phishing letter will use their credentials to try to get your attention. The phishers are simply playing the odds. Let's conservatively say that 5% of all internet users have a PayPal account for online shopping. A phisher buys a list with a million names and puts up this spoof message. That is 50,000 potential people who might be tempted to click on the link. Let's also conservatively say that only 5% of them are stupid or gullible or confused and actually follow through. OK, 2500 people just turned over their passwords, bank account info, personal ID, whatever. The percentages are probably higher... but that still is a lot of victims... and the phishers put out millions of these emails. Carolly

recently I've been getting spoofed by my own name. Do not click through any emails to a website, is my rule. Go directly to the web address that you know you can trust. The con jerks are clever...you just have to be smart about what you do.

The trick that I usually use is to mouse-over (don't click on it, just hover over it with your cursor) the link that the phisers provide. When using using something like MS Outlook, after a few seconds, you will see where the hyper-link is pointing to. If it is legit, then chances are you will see that their URL matches with their legitimate website. If it points to something else (very often an IP address with a bunch of junk following) then you know right away that it is a scam. Clear as mud?

Take the pre-paid envelope, cut out your name and address from the cover of the envelope it came in (so they KNOW who it came from), and tape the pre-paid envelope to a brick... The first time they have to pay postage for a brick, they 'should' get the message. MacWorld was one of the worst offenders I had who continued to demand that I pay for a subscription I didn't want or ask for. When one brick didn't work, I mailed them two. When two bricks didn't stop them, I mailed them a 16 pound rock. Of course, I had to put the rock in a box.I also wrote my name and address on the rock with a note that said, "From Montana, with Love". Can you imagine the postage they had to pay for it?

Hey, that rock came from a very old mountain range and so is very valuable with all those historic associations. They ought to have been quite glad to have a rock like that delivered to them. ;^) I have had rocks mailed to me. There was a box from Michigan with a name I didn't recognize. I opened it and unswathed a rock from layers of plastic bubblewrap... when it fell apart into concentric shells in my hand. "Damned post office can even break a rock!" was my first thought. Then I found the note. Several years before, I was hanging around Yosemite Valley waiting for Tioga Pass to be cleared so that I could drive up to the High Country. A guy I'd been talking to was from flatland, so I offered to show him some real mountains. We drove up but couldn't get to Mt Dana because of the snow, however there was a clear spot near the trail with rocks. Lots of rocks. I proceeded to make a miniature zen garden with cracked rocks for the waterfalls, and he helped find just the right ones after I showed him what to look for. Years later he saw that rock on the shores of Lake Michigan and remembered a wintery day made special. It's a really neat rock. :) Carolly

Now that "rocks!" ;=]

Two little tips on nasty things like that: 1. Paypal, ebay etc. are very interested in these phishing-mails. Look for "security"-links at their sites and report the mail you've got (don't forget to paste the header of the mail!). They have much more staff (and experience) for hunting those little thiefs, so let them do the work ;o) 2. If you are not sure wether something is serious/secure or not search the usenet with google (link "Groups" or here http://groups.google.com/) by pasting the subject of the mail, then look for results in groups with an "abuse" (like news.admin.net-abuse.email) in the name. Most of the time you find the mail you've got with a little description of the content, sometimes you find detailed informations about the sender (so you can rent a bus and visit him with some other angry recipients ;o) ). By the way: If you want to post there read the Group-FAQ first! Mostly you're not allowed to post attachments there and full copys of the questionable mail are not welcome, the header and your question will do. Greetings Meike

I got one of those things trying to scam my comcast account info, well they got the info, but it was all as phony as a $3 bill :-)