Message from eBay Member Regarding Item # – Spam/Fraud

We see so much spam, it actually gets rather boring after awhile. That’s why we sincerely appreciate spam that’s unusual or especially clever.

This spoofed Ebay Phishing Fraud email certainly fits the bill of interesting and very effective spam:

Subject:     Message from eBay Member Regarding Item #
From:     eBay <>

In the actual spam email, the item number is usually from an actual Ebay auction and the question certainly sounds plausible. We’ve seen many variations, but here’s a common example:

Hi , i`m from London and i want to ask you the buy it now price with delivery included ? Do you accept paypal ? Thanks!

The auction seller might think the writer is a bit obtuse, but there’s certainly nothing threatening about the question. Best of all, the message looks very authentic:


Message from eBay Member Regarding Item Spam - Fraud

Click for Larger Image


But threatening this email is, and exceptionally sneaky too.

Fact is, the email may reference a legitimate auction, but it’s not really from Ebay.

More importantly, the “Respond” button links not to Ebay, but instead to a very realistic spoofed “login page” such as:


Message from eBay Member Regarding Item Phishing Login Page

Click for Larger Image


What’s even better, and this is the real genius part, once you provide your user name and password, you are redirected to the real Ebay site.

If you were logged into Ebay from an earlier session, then you’re still logged into Ebay. If you were not logged in previously, then you won’t be now either, but you’ll be on the Ebay site and can just login again.

The beauty of the fraud is that while the spammer now has your actual Ebay username and password from the fake login site, many users will not realize what has happened.

They might log into their Ebay account and wonder why they don’t see a message to which they can reply, but that can easily be dismissed as a simple snafu on Ebay’s part, or they might think the sender retracted the question.

Regardless, the Internet con artist now has your account credentials and you probably don’t even realize this is the case. That’s the ultimate goal, from the spammer’s perspective, because if you’re unaware of what’s occurred, then you won’t quickly take defensive measures.

This campaign is well executed, targeted, clever and therefore very, very dangerous, likely to snag even more sophisticated users that can usually spot the average email con.


- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Tags: , , , , ,

Comments are closed.