HomeContact Us at 1.800.458.3348 Support ResellersPrivacy Reseller Login Blog
SpamStopsHere Home
Support Menu
User Name: Password:
News & Events
New eBay Spear Phishing Scam
 Print
Wednesday, 04 January 2006

By: John Stith
SecurityProNews

One of the strengths of eBay is the openness with which people can do business. It's easy for people to set up their own business around eBay. It's essentially an open market and people pay their booth rental fee and that's it. The strength is also a weakness. The openness can lead to fraud problems and phishing scams seem to top them all. Now there's a new one.

Apparently the phishermen are sending out forged auction inquiries via email. Naturally, the email has a "Respond Now" link in it. And naturally people click on the links, plug in the asked for info and get hijacked. The spear phishing is a little trickier to deal with though. It's much more focus and goes after specific individuals or groups. They're designed to lull victims into security and then get speared.

"Just about anyone with an email account has undoubtedly seen an eBay phishing scam email at one time or another," said Ted Green, CEO of SpamStopsHere. "We are seeing an evolution in phishing and spear phishing attacks. The sophistication of attacks is constantly increasing. Cyber criminals are relentless in developing new and ingenious methods of monetary and identity theft. End user education is the best defense against spear phishing attacks." SpamStopsHere lists a few tips to help prevent phishing scams from working:

1. If an email asks you to log into your bank, PayPal, eBay or other personal account, assume it is a phishing scam.

DO NOT UNDER ANY CIRCUMSTANCE CLICK ON THE LINK IN THE EMAIL

2. Never enter banking information, social security numbers or other sensitive information by clicking a link in an email.

3. Never enter your computer user name or password into an email that requests it, not even if it claims to be from your IT manager or other co- worker. It is easy for a spammer to forge the sender's name.

4. If you are unsure as to the legitimacy of a particular email, open an Internet browser and manually type in the URL of the institution in question, e.g. "www.chase.com". Do not use the URL in the email as a reference, as it may be a forgery.

5. Treat any email that asks for sensitive data as a phishing scam.
 

"I love SpamStopsHere. It is better than I could have expected. I am telling all my friends.

Herbal Viagra is a thing of the past.......:)

Thanks for offering this excellent service to families at a bargain price."

Bill Person
More testimonials...