Welcome to the MacNN Forums.

red rocket · Jul 19, 2007, 05:31 AM

I hate eBay.

Checked my e‑mail this morning because I have some auctions running, and there was this note from the fụckers in my inbox saying that there were signs (!) that some third person besides Mr eBay and myself had illegitimately logged into my eBay account.

I wonder how that person may have gotten hold of my password. I didn't share it with anyone, so it must have been Mr eBay, the bastard.

The note went on to speculate that mystery man may have got it via some phishing e‑mail. Nonsense, of course. None received, none answered, Mr eBay must think I'm stupid.

Stupid is as stupid does. Mr eBay doesn't even know how to spell his own name consistently, it's ‘eBay’ everywhere except in the bloody logo, which says ‘ebaY’. Moron.

So I spend the next five minutes analysing the e‑mail header to see whether this wasn't a phishing e‑mail (can't be careful enough) before reading on.

Anyway, apparently, the eBay security team (!) have deactivated my password and secret question, so I have to reset all that.

Before I do, Mr eBay suggests that I change the password for my e‑mail account. (WTF? That's been hacked as well? Jesus! If they've hacked my e‑mail account, how can I even believe any of the messages I've got in it?)

Crazy. I follow the steps that make sense, and it turns out everything was fine.

Where do they get the idea that someone's been in my account?

Y3a · Jul 19, 2007, 05:55 AM

Only go to your REAL EBAY site, don't follow the links in the email. As your mouse goes over the web link, you'll notice NO HTTPS.

onlyone-jc · Jul 19, 2007, 05:56 AM

It sounds like the e-mail wasn't from eBay at all. I wouldn't worry about it. Just be careful of such e-mails in the future, and always check the headers, as you did in this case.

Good luck,
onlyone-jc.

Big Mac · 08:28 AM

I once got a really legitimate looking, yet suspicious, PayPal message that PayPal confirmed to be fraudulent. . . This message was so authentic looking that if it had been a phishing attempt it was so good as to be virtually undetectable as fraudulent; the only thing that was suspicious was that the link it contained went to http://www.paypal.com/ instead of https://www.paypal.com/. (I examined the source to verify that that was truly the link provided and not just a concealed spoof URL.) That feature was what made the PayPal rep identify it as fraudulent, but that makes little sense to me because as long as it actually links to paypal.com it's not going to go somewhere else (as long as you're not duped by a unicode look-alike character and your host file isn't hacked). The strangest thing about this message was that the headers showed it came from an eBay server. The PayPal rep wouldn't confirm it, but she also would not deny that the message could have come as a result of a successful infiltration of an eBay server.

But as for your experience, red rocket, you clearly fell for a poorly disguised a phishing message. That makes me chuckle a bit.

red rocket · Jul 19, 2007, 08:51 AM

Originally Posted by Big Mac

But as for your experience, red rocket, you clearly fell for a poorly disguised a phishing message. That makes me chuckle a bit.

Where do you arrive at that conclusion?

The e-mail came from eBay. No phishing attempt was made. I go to eBay's web page, and they have disabled my password, as the mail said. I follow eBay's instructions to create a new one. At no time did I enter any information on anything other than the authentic eBay site.