Re: FYI: fake e-commerce sites


From: Aron Roberts (aron@socrates.berkeley.edu)
Date: Fri Aug 30 2002 - 13:11:55 PDT


At 16:19 -0800 2002-08-29, Sara Leavitt wrote:
>Watch out for fake e-commerce sites:
>
>http://www.andante.com/magazine/article.cfm?id=18214&highlight=1&highlightterms=&lstKeywords=
>http://www.andante.com/magazine/article.cfm?id=18226
>
>I checked out the fake site www.sydneyopera.org. The order page is
>pretty lame and they don't use SSL encryption let alone a third
>party certificate, but I can see how someone might be fooled because
>they stole the home page graphics from the real site.

   In a similar manner, below is a July 2002 e-mail message from
"support@ebay.com", suggesting that the recipient must click a link
to avoid having their eBay auction service account deactivated if it
went unused for over 60 days.

   The visible link in the message was to a valid eBay login page:

     http://cgi3.ebay.com/aw-cgi/eBayISAPI.dll?SignIn

   However, the underlying hypertext link was to a different page,
which was likely intended to 'harvest' the passwords of eBay users,
particularly those who used their accounts infrequently:

     http://cgi3ebay.com/aw-cgi/eBayISAPI.dllSignIn

   (Note the two points of difference between these two URLs.)

   The fraudulent page to which this second link led -- since removed
by Yahoo!, which unknowingly hosted it for a short time -- looked
almost entirely identical to eBay's standard login page, but with one
subtle difference, the lack of a link leading to a second,
SSL-encrypted login page.

   The problem of "fake" e-commerce Web sites mimicking the real thing
has apparently also been an issue for electronic payments vendor
PayPal, among others:

   <http://lists.insecure.org/isn/2000/Jul/0119.html>

Aron Roberts
Workstation Software Support Group

---------------------------------------------------------------

From: support@ebay.com
To: {recipient address omitted here}
Date: Tue, 9 Jul 2002 00:33:24 +0300
Subject: Important information regarding your eBay account

Dear eBay member,

As we announced at the end of February, our User Agreement and
Privacy Policy have been updated. The User Agreement, in Section 9,
allows eBay to deactivate users if they are not using eBay user ID
for selling or bidding for more then 60 days. These changes were made
to deactivate non-working eBay members and to better serve the needs
of eBay community by providing a more comprehensive trading
environment.

-----------------------------------------------------------------------
If you use your eBay user ID less then every 60 days please follow
the link to confirm that you want to use it in the future, otherwise
your eBay user ID will be deactivated:

<http://cgi3ebay.com/aw-cgi/eBayISAPI.dllSignIn>http://cgi3.ebay.com/aw-cgi/eBayISAPI.dll?SignIn
-----------------------------------------------------------------------

If you use your eBay ID more often then 60 days please disregard this email.

Thank you to all for your cooperation and for making eBay a better
place to shop!

Regards,
eBay
-----------------------------------------------------------------------
The following was automatically added to this message by the list server:

Webnet information is available at <URL:http://webnet.berkeley.edu/>.
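
The link trick described in the message above (visible text shows one URL, the underlying hypertext link points to another host) can be checked mechanically in HTML mail. The following is an added example, not part of the original post or of any eBay or list-server code; the HTML markup in SAMPLE_HTML is constructed around the two URLs quoted in the post, and the names AnchorCollector, host_of and mismatched_links are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: HTML markup reconstructed around the two URLs quoted in
# the post, plus one honest link for contrast.
SAMPLE_HTML = (
    '<p>Please follow the link: '
    '<a href="http://cgi3ebay.com/aw-cgi/eBayISAPI.dllSignIn">'
    'http://cgi3.ebay.com/aw-cgi/eBayISAPI.dll?SignIn</a></p>'
    '<p><a href="http://webnet.berkeley.edu/">http://webnet.berkeley.edu/</a></p>'
)

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a href=...> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return ""

def squash(host):
    # Remove separators so cgi3.ebay.com and cgi3ebay.com compare equal.
    return host.replace(".", "").replace("-", "")

def mismatched_links(html):
    """Return (shown_host, actual_host, lookalike) for each deceptive anchor."""
    collector = AnchorCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        if not text.lower().startswith(("http://", "https://")):
            continue  # visible text is not itself a URL, nothing to compare
        shown, actual = host_of(text), host_of(href)
        if shown != actual:
            findings.append((shown, actual, squash(shown) == squash(actual)))
    return findings
```

The third field marks the case seen here, where the real host differs from the displayed one only by a dropped separator.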



This archive was generated by hypermail 2b29 : Fri Aug 30 2002 - 13:12:25 PDT