There’s a new style of eBay phishing fraud doing the rounds via email that we’ve not seen before on Tamebay. We’re hoping that not too many people fall for it, mainly because it bizarrely relies on fax and we’re guessing that not too many people have fax machines laying about these days. Be warned however, opening the document will still expose you to having your identity stolen.
The email purports to be from eBay and titled “eBay Money Back Guarantee Urgent Changes Notice” it purports to come from “sellers.ebay.co.uk”. Including genuine information from the “2016 Fall Seller Update” (the first clue, if it came from the UK it would say ‘Autumn’, not ‘Fall’) the email invites you to “To apply for the new options of eBay Money Back Guarantee” and asks you to “please print and complete attached form and send it by fax”.
Opening the form will prompt for a user name and password and some Javascript will attempt to connect to a server located in Germany with a German xivory domain. The form itself requests your name, address, telephone number, credit card details and a scan of the front and back of your credit card which the phisher is hoping you will then fax to an 0161 telephone number located in Manchester.
It goes without saying that we’ve reported this to eBay but there is little they can do to prevent this type of phishing scam in advance. Sure they can attempt to get the server taken down and report the fax number for investigation but that’s only once it’s brought to their attention. This really is a case of eBay users (and Internet users in general) being sensible and regarding all requests for personal or financial information with suspicion. Needless to say the entire dialogue about the eBay Money Back Guarantee seems purely a ruse designed to put your mind at rest and con you into divulging your credit card information to the scammers.
We’re pretty sure that most regular eBay sellers and Tamebay readers are savvy enough not to fall for this scam, but if you’ve become a victim the first step should be to telephone your bank and have your card cancelled and your second step should be to report the incident to Action Fraud at https://www.actionfraud.police.uk/report_fraud
2 Responses
I received one yesterday.
Didn’t even read it. I never open PDF’s unless I’ve requested one.
Who thinks these things up?
yep i got this the other day… thought what the hell, who uses a fax machine anymore! posted it to the ebay forums a few days ago as you can bet that someone does it.