Received from a computer group member. Something to watch out for.
On Friday, (Nov 3rd 2006) I received an e-mail which looked like it was sent from eBay. They were asking me to pay them what I owed. It seemed a little odd to me. I did not think I owed them anything, but it looked like I did. What should I do?

» Look carefully at the e-mail that was sent. I saw some things that made me suspicious - see the warning flags below:

E-mail from eBay?

From: "eBay"<payment@ebay.cn>
Subject: eBay Payment Reminder - Action Required
Date: Thu, 2 Nov 2006 13:46:27 +0100

eBay sent this message to all sellers with payments due

Warning Flags:

The eBay e-mail should come from someone@eBay.com not someone@ebay.cn

eBay always sends to your eBay-name, never to "all sellers". Read the eBay security bulletins about this and on how to remain a safe seller.

Your eBay account has fees due and requires you action.
Learn more.

Please pay your eBay fees today

 ‹- Error in use of English.
‹- Clicking on the "Learn More" underlined link will take you to a bogus web site. Check this out! Rest your cursor over top of the "Learn More" text and check out the bottom left of your browser window: Not "www.eBay.com"

Dear seller:
Please be advised that your eBay fees of $13.20 are now due. These fees result from listing items on eBay or using related services (ID verify, Stores, etc).

To prevent any disruption in your ability to sell on eBay, please pay your eBay fees by following these steps:

  1. Log on to http://www.ebay.com.de/
  2. Click the 'My eBay' tab at the top of the page and sign in
  3. On the sidebar under the 'My Account' section, click the 'Seller
    Account' link
  4. Select a method to pay your eBay fees

Paying your eBay fees automatically each month from your PayPal account,
credit card or bank account is the fastest and easiest way to pay. Please
follow the same instructions as above to select an automatic payment
method.
If you have already paid this amount, please disregard this message.
Thank you,
eBay Inc.

‹- eBay should know who you are. eBay does not send out an e-mail unless it is addressed to your eBay-user name.
‹- $13.20 is a small amount - May people might just follow the procedure to pay this rather than take the trouble to investigate.
‹- Oh dear! I have now been threatened if I do not comply with this e-mail

‹- Again, if you click on this underlined link you will not go to www.eBay.com. Instead you will be taken to the spoofer's web site This will look just like eBay, and you will be asked for personal information like your eBay name, your credit card number or PayPal ID and password.

» To verify my suspicions, I went to the eBay web site. I did not click on any of the links provided in the e-mail, but instead I typed in the eBay web site name myself - "www.ebay.com". When I got there, I looked carefully at the log-on screen and the address shown in my browser's address window, and I was in fact at "www.ebay.com.xxx"*. Only then did I provide the required password. I then checked my pending eBay messages: There was nothing about payment. I checked my account balance: It was $0.

» I looked to see if eBay provided a e-mail address for me to forward the above bogus e-mail message. No, but there is a fair amount of warnings and instruction about the issue of "spoofing".

* The actual address begins with "https://signin.ebay.com/ws/eBayISAPI.dll?SignIn&co_partnerId=2..." .
There are two things to note about the address:
1 https:// The "s" in https means it is a secure site, and transmissions to and from you are encrypted. Any web site that asks you to sign in should start with "https://" and not just "http://:.
2 xxxxx.ebay.com/... "ebay.com" is in the second and third positions of the web address xxxxx.ebay.com/anything and there is a slash immediately following the ".com". That means it really is the eBay.com web site. If it was xxxxx.ebay.com.ru/anything that's a Russian web site trying to look like the eBay web site.

.