When it is a Phish

So after my experience with getting a valid notification from eBay (thanks again eBay), I received the following email supposedly from PayPal.


This one was immediately suspicious. For one, the href for the URL was a dotted quad (85.234.150.131). Two, the “whois” entry wasn't in anyway associated with PayPal.

OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL

ReferralServer: whois://whois.ripe.net:43

...

% Information related to '85.234.128.0/19AS29550'

route: 85.234.128.0/19
descr: PH-Network Europe, operated by Euroconnex Networks LLP
origin: AS29550
remarks: *********************************************
remarks: For Peering and more info: www.euroconnex.net
remarks: *********************************************
mnt-by: POUNDHOST
source: RIPE # Filtered

And three, the email was not sent to the email address associated with my PayPal account.

The rest of the email looked pretty legit however, and after my experience of the previous week... I had to look closely to file this in the “scam” folder. I have to wonder if this email is in any way related to the credit card fraud of the previous week.

Tags: Phishing, eBay, PayPal

When it's not a Phish

On March 29 I received the following email from eBay (I left out the “boiler plate” text regarding how to protect yourself from fraud).


My first thought was another clever phishing scheme as I don't have a credit card on file with eBay other than my PayPal account. So I looked through the email for links or other telltale signs that would indicate a phish. I couldn't find anything so I went to eBay and logged in (not via the email of course). There were the same two emails in my eBay “inbox”. I checked my account at eBay and everything looked fine. I then checked my associated PayPal account and there were no purchases via that account. Next step was to check my credit card balance.

Hmm... there on my activity statement was a charge from snapfish.com. The immediate red lights started whirring as I don't have a snapfish account. So off to the hassle of calling the credit card company, snapfish.com etc. The result of these calls was to watch my credit card account (the first fraudulent charge was $1.33). The following day there were two more fraudulent charges from snapfish.com ($2.90 and $41.65 respectively). Now back to the phone to remove these charges from my bill, cancel the credit card and get a new card issued with a new number. The biggest hassle being finding all the companies that have re-occuring charges against that card. Yet another thing to keep track of in the event this happens again.

A BIG thank you to eBay for sending this email and helping me catch the fraud right from the start. Needless to say this experience has not been pleasant, including monitoring of online credit card statements while on vacation this week. This is my first experience with this sort of fraud and I don't hope to repeat the process anytime soon:)

Tags: Fraud, Credit Card, Phishing

When phishers get lazy

So I received this email at one of my email accounts this week. It's not nearly so clever as the one pointed out by Conor here. What I found interesting is that I don't use that email account with eBay and I've never sold anything on eBay. So naturally I was suspicious. I suppose it's just easier for the phishers to swamp the "market" rather than do their homework.

Hmm... I wonder if all those PowerSeller ratings are real?



Tags: Phishing, eBay