Saturday, March 04, 2006

Phishing story

I always figured I was just way too cool to be taken in by one of these Phishing scams - you know the "Changes have been detected to your EBay account. Please log in and verify your information. Failure to do so will result in the suspension of your account" stuff. Then the link takes you to a side that looks totally legit and asks for your account number and password and all. I was way too hip for that.

But then yesterday I got the most devilishly clever one. If I weren't so irked, I'd rather admire the skill of it. It was in the form of an email that looked like this:



It really does look exactly like an EBay member message. And the "reply" button sends you to some kind of mirror site that does seem to log you into EBay, but I would presume in the process also helpfully copies your screename and password.

I am ashamed to say I fell for it, though I put 2 and 2 together moments later (equals 4, for the record) and was able to change my password - and passwords anywhere else where I used similar screenames or passwords. So I suppose the damage was limited, at least I hope. We'll see. And I am damned glad it was just Phishing for my EBay password (I wondered why I was suddenly buying hundreds of dollars with of antique woodworking tools and stacks of vintage porn magazines. That will be hard to explain to the wife).

But in any event, just be aware that there are some pretty slick scammers out there. And also, never, ever, assume you are too hip to fall for it.

2 comments:

wst... said...

i received an email like that the other day as well, however, ive never had an ebay account.

just write it off as all that sun and relaxin in hawaii that did it.

Sean Scully said...

Well, all that relaxing and overexposure to the sun was my excuse for all the other dumb things I've done in the last two weeks. I have to come up with a new rationalization - and "too drunk to know better" doesn't work 'cause it's not a very sympathetic condition.