Last week, we intercepted a phishing email purporting to be from Facebook, informing recipients that key features of their account had been disabled until their identity could be verified.
A similar email scam was detected earlier today afternoon (AEST), this time purporting to be from popular e-commerce retailer eBay.
The email infiltrated Australian inboxes using the display name ‘eBay’ with a subject beginning with the words ‘eBay account restriction’. It begins its body by informing recipients that their ‘selling privileges’ have been restricted and ‘any active or pending listings have been removed’ due to ‘recent activity’ on their account. The email then requests the recipient to aid in verifying their identity by providing scanned copies of valid IDs such as their Driver's Licence, Passport etc. It details a list of 4 steps on how to do so, along with information on what will happen after recipients have submitted the documents.
Here's a screenshot of the email:
This is a phishing email designed to harvest the confidential data of eBay sellers for malicious intent, such as committing identity theft.
Whilst MailGuard is stopping this email scam from reaching Australian businesses, we encourage all users to be extra vigilant against this kind of email and whatever happens, do not respond to it.
This email scam exploits the trusting relationship eBay’s large database of sellers hold with the well-established brand. By claiming to restrict selling privileges and removing active and/or pending listings, cybercriminals behind the scam aim to spark panic and concern among recipients, motivating them to rectify the situation as soon as possible.
The hallmark of this scam lies in how convincing it looks. Several techniques have also been employed to boost the legitimacy of the email. These include, firstly, incorporating eBay’s logo and branding. Secondly, cybercriminals behind this scam have also included information on what happens after recipients reply to this email. By stating that respondents will ‘receive an email confirmation’ acknowledging that their ‘account has been confirmed’, cybercriminals aim to boost the email’s authenticity as such standard follow-up action is expected of a well-established company such as eBay.
Despite this, several red flags appear in the email that would make any eagle-eyed recipient conscious of its inauthenticity. These include grammatical errors such as ‘Selfie photo of you holding the passport’ as well as spacing issues.
To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:
- Appear to be from a well-known organisation, typically a bank or service provider and are not addressed to you by name and may include poor grammar.
- Ask you to click on a link within the email body in order to access their website. If unsure call the company directly and ask whether the email is legitimate
- Offer money, reward or gift to entice you to hand over your personal details
- Ask you to submit personal information that the sender should already have access to or should not be requesting from you in the first place
Cybercriminals use email scams to infiltrate organisations with malware and attack them from the inside.
All criminals need to break into your business is a cleverly worded message. If they can trick one person in your company into clicking on a malicious link they can gain access to your data.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.
Talk to an expert at MailGuard today about making your company's network secure: click here.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below: