Annamaria Montagnese, 08 July 2016 15:43:40 AEST

Cyber Criminals Phishing for eBay Account Access

eBay users are the target of cyber criminals in a new variation of a common eBay phishing email. A common tactic used by cyber criminals is to suggest that an eBay account has been restricted and ask users to log in or provide details to enable account access.

This latest attack targets eBay sellers. Here is a sample of the phishing email currently circulating:

[Image: sample of the phishing email (eBay_1_Phishing_080716.jpeg)]

The emails are simple but well crafted, and all the hyperlinks (except for the phishing link) point to a legitimate eBay landing page. The email is not personally addressed to the recipient and appears to be sent from notification@ebay.com.au, which shows that the sender domain has been forged.

By clicking ‘Go To My eBay’, recipients are taken to a phishing site that is a replica of the legitimate eBay login page.

[Image: the phishing login page (Blog_eBay_2_Phishing.jpg)]

Notice that the URL of the supposed eBay login page contains ‘ebau-192’, an attempt to trick users who only scan the URL into reading it as ‘ebay’, which forms part of the legitimate login domain, ‘signin.ebay.com.au’.
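The lookalike trick described above can be checked mechanically. The following is an added example, not MailGuard's own code: it extracts the link hosts from an email body and flags any host outside the brand's domains that contains a label equal to or one character away from ‘ebay’. The allow-list, the sample email and the `ebau-192.example` host are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND = "ebay"
# Assumption: the domains treated as genuine for this brand.
LEGIT_DOMAINS = ("ebay.com.au", "ebay.com")

# Constructed sample body; ebau-192.example is a made-up host.
SAMPLE_EMAIL = """
<p>Your selling account has been restricted.</p>
<a href="http://ebau-192.example/signin/">Go To My eBay</a>
<a href="https://www.ebay.com.au/">eBay home</a>
<a href="https://signin.ebay.com.au/">Sign in</a>
"""

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def classify_host(host):
    """Return 'legitimate', 'lookalike' or 'other' for one link host."""
    if any(host == d or host.endswith("." + d) for d in LEGIT_DOMAINS):
        return "legitimate"
    # Outside the brand's domains: flag labels equal to or one edit from the brand.
    tokens = [t for t in re.split(r"[.\-_]", host) if t]
    if any(edit_distance(t, BRAND) <= 1 for t in tokens):
        return "lookalike"
    return "other"

def classify_links(html):
    parser = LinkCollector()
    parser.feed(html)
    hosts = [(urlsplit(h).hostname or "").lower() for h in parser.hrefs]
    return [(host, classify_host(host)) for host in hosts]
```

One-edit matching also flags short unrelated labels such as ‘bay’, so a hit is a signal for review rather than a verdict.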

This phishing scam seeks login credentials, which give the cyber criminals access to the account. No other account details are being phished in this most recent zero-day eBay phishing run. At the time of detection, only one other antivirus vendor was blocking this email as malicious (with more than 60 vendors failing to detect the fraud).

As a precaution, we urge you to delete emails that:

  • Appear to be from a legitimate company but are not addressed to you by name or are written in poor English.
  • Require you to click a link in the email body to access your account, verify your identity or account credentials, or
  • Have an unusual request that you would not expect to receive from the official purported sender.

To protect your business, we recommend that you share this alert and educate your staff about the nature of cyber threats, and employ cloud-based email and web filtering. A multi-layered approach combining desktop antivirus, anti-malware and anti-spyware will further mitigate the threat posed by emerging scams. 

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or following us on social media.
