Spearphishers track eBay trades

Posted by   Virus Bulletin on   Sep 12, 2006

Auction losers tempted by second-chance phishes.

As part of the general trend of more focused phishing, users of online auction house eBay are reporting phishes directly targeting losing bidders.

When an auction ends and someone has been outbid, they are contacted, either by a private email claiming to be the seller or by a spoofed mail appearing to come from eBay itself, informing them that the buyer has pulled out of the sale and that they, as second place bidder, are granted a 'second chance' to buy the item.

Once the phisher has scooped up personal information, credit card or PayPal details, or even a PayPal payment sent directly to them, the victim (of course) receives no goods and the phisher disappears back into the ether. Most of the trades targeted have involved expensive audio equipment.

'eBay has always been a popular target for scams of this nature,' said John Hawes, Technical Consultant at Virus Bulletin. 'This is a new and insidious trend however; the scammers are hoping that the pleasure of seeing their dashed hopes restored will override people's normal thoughts of safety. Web users should always exercise caution when sending out their private or financial details.'

eBay offers advice on spotting spoofed version of its emails and sites, here.

Find out more about the future of phishing at the Virus Bulletin conference (11-13 October, Montréal), where Jamz Yaneza (Trend Micro) will present his paper 'Spy-phishing - a new breed of blended threats'.

See the full programme here or click here to register now.

Posted on 12 September 2006 by Virus Bulletin

 Tags

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.