New (to me) eBay Phishing BS

This happened to me last night. I was browsing the watch listings. There was a new listing shown that was apparently out of place (as there was a provocative thumbnail, definitely not of a watch). Purely in the interest of research, I clicked on the auction. Up popped the eBay login page (just like I hear you would get if you wanted to check out eBay's Mature listings). Guess what, it wasn't eBay. I was redirected elsewhere but didn't catch it at the moment. The next page also looked like eBay and told you that the auction was no longer listed. This time I noticed that the URL wasn't eBay. I went back & did everything again but this time noticed that the login page URL was also funky. I typed a BS password and was sent to the same "auction no longer listed" page. My next move was back to eBay where I immediately changed my password (and then did the same thing in PayPal for good measure). Then I notified eBay about the "auction." If the phisher had been a little more creative with the URL, I doubt that I would have noticed. I've always ignored the e-mail phishing but had no idea that the same thing could happen directly from eBay. I've linked a couple of stories below about this kind of phishing. One shows an eBay login screen shot versus a phisher login screen shot. The basic differences are http vs https in the URL and the lack of the VeriSign Secured logo (which I assume could be faked anyway). This kind of crap could happen with ANY eBay auction. Forewarned is forearmed, I hear. Now that I know about this, I won't fall for it again. I know all of you sophisticated users would never have fallen for this, but I just wanted to pass this on to any other rubes like me out there.

http://news.com.com/Phishers+set+hidden+traps+on+eBay/2100-7349_3-6056687.html

http://www.darkreading.com/document.asp?doc_id=94738&WT.svl=news1_1

All you have to Remember is that when ever your at a Ebay/Paypal Login Page, Look at the Nav/Url bar..It should have https: with a Color Background instead of http:with regular White Background.

and Ebay/Paypal NEVER sends emails with a link to a their Login Page:naughty:

It's easy to spot if you know and remember these things

Phishers are getting creative but yet sloppy

I've got to admit, I've never seen an ebay listing that was a phishing attempt either. I see them all the time through email. But never once I was on eBay's site. That is interesting.

It gets better!! I recently sold an old laptop computer on eBay, and the high bidder was WAY out there on the price, he bid it up to like $250. (I think fair price would have been in the $80 range.) He was bidding against someone and they both had a "0" feedback rating, plus their accounts were created that day, which had my fraud radar up.

So I get an email saying that payment was one of those PayPal e-checks that will take a few days to clear. The email message was a fake; easy for me to see that since I've seen tons of phishing attempts. But, very convincing and the message lacked the "do not send the merchandise before this e-check clears" warning that real Paypal messages have.