Asp Forum
Home
|
Login
|
Register
|
Search
Forums
>
comp.lang.ruby
Re: Account Verification
Mark Wilson
10/3/2003 2:57:00 AM
Who are you? Are you really eBay?
Regards,
Mark Wilson
On Thursday, October 2, 2003, at 08:23 PM, eBay SafeHarbor wrote:
<image.tiff>
>
> Dear eBay user,
>
> During our regular update and verification of the accounts, we
> couldn't verify your account
> information. Eighter your information has changed or it is incomplete.
>
> As a result, your access to bid or buy on eBay has been restricted. To
> continue using your
> eBay account fully, please update and verify your information by
> clicking below:
>
>
https://scgi...
saw-cgi/eBayISAPI.dll?V erifyInform ation
>
> If your update will not be completed in 5 days, your account will be
> removed.
>
> We apologize for disturbing you with this message, but we appreciate
> your efforts in
> helping keep eBay a safe trading place.
> Thank you for understanding.
>
> Regards,
> eBay SafeHarbor
> Verification Accounts Team
>
>
> ***Please Do Not Reply To This E-Mail. You Will Not Receive A
> Response***
>
2 Answers
Lyle Johnson
10/3/2003 3:36:00 AM
0
Mark Wilson wrote:
> Who are you? Are you really eBay?
If they are, maybe they should check to see if anyone is auctioning off
a dictionary since they misspelled "either" at the beginning of the
second sentence ;)
Or as Mark probably suspects, it's just the scam described in this story
at snopes.com:
http://www.snopes.com/inboxer/scam...
Cheers,
Lyle
Ryan Pavlik
10/3/2003 4:10:00 AM
0
On Fri, 3 Oct 2003 12:49:10 +0900
Lyle Johnson <lyle@knology.net> wrote:
> Mark Wilson wrote:
>
> > Who are you? Are you really eBay?
>
> If they are, maybe they should check to see if anyone is auctioning off
> a dictionary since they misspelled "either" at the beginning of the
> second sentence ;)
<snip>
It's pretty obviously a scam. Always check the _actual_ URL (split
for readability):
<a href="
http://scgi.ebay.com:Saw-cgi@69.49.246.84/saw-cgi/eBayISAPI.dll/?VerifyInforma...
onmouseover="javascript:window.status='
https://scgi...
saw-cgi/eBayISAPI.dll?VerifyInformation&#... true">
https://scgi...
saw-cgi/eBayISAPI.dll?V erifyInform ation
</a>
It's a somewhat evil trick. Actually, three going on here. Note the
scgi.ebay.com:blah@69.49.246.84... a common trick to "fake" a URL,
using username:password@host syntax. Combine that with printing the
fake URL as the text of the link for a sense of safety, as well as
some Javascript to even fake the mouseover, and you might even convice
a lot of people.
Like you said, the obvious misspellings don't do a lot for credibility
though, and spamassassin caught some other things in the headers.
--
Ryan Pavlik <rpav@mephle.com>
"Well what was it, Mr. Nightmare Pants?" - 8BT
Servizio di avviso nuovi messaggi
Ricevi direttamente nella tua mail i nuovi messaggi per
Re: Account Verification
Inserendo la tua e-mail nella casella sotto, riceverai un avviso tramite posta elettronica ogni volta che il motore di ricerca troverà un nuovo messaggio per te
Il servizio è completamente GRATUITO!
x
Login to ForumsZone
Login with Google
Login with E-Mail & Password