I just ran across this, which I haven’t seen for a while. Variation on a theme. This time the hackers are using a fake “Buy it Now” button and a tricky “contact the seller” link. Either will lead you to the obviously fake phishing page, which looks identical to an ebay login screen, save the URL, page info, etc.
I’m editing to add that my browser is the latest incarnation of Firefox. My urlbar background is set for color #D7E5E5, a light blue. On secure pages it changes to a light yellow or gold (unlike this fake page). Firefox saw fit to do away with favicons, so that’s the default for all sites. On an actual ebaY login screen you should see a green outlined area with a green padlock. Clicking that calls up the page info. Learn more about the padlock and the Firefox Site Identity Button.
The victim here is europiece20-uk, who shows as registered in the United Kingdom, yet the listings show the location to be San Jose, California, a widely believed haven for fraudsters.
The composite image shows a few of the peculiarities of a sample bogus listing highlighted in red along with element/image properties. You can see the 2 images (one for “Buy it Now”, one for the terms etc) are sourced from 2 different places and the fake login is on a third as shown above.
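The pattern described above (clickable images in the listing body pulled from two hosts and pointing at a login page on a third) can be checked mechanically. The following is an added example, not part of the original post: the trusted-domain list is an assumption, and the sample HTML and its `.example` hosts are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: domains treated as the marketplace's own for this check.
TRUSTED = ("ebay.com", "ebay.co.uk", "ebayimg.com", "ebaystatic.com")

def is_trusted(url):
    # Match the registered domain or a true subdomain, never a bare substring.
    host = (urlparse(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class ListingAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.open_links = []        # hrefs of currently open <a> tags
        self.findings = []          # (link target, image source) pairs
        self.offsite_hosts = set()  # every non-marketplace host referenced

    def _note(self, url):
        host = urlparse(url).hostname
        if host and not is_trusted(url):
            self.offsite_hosts.add(host.lower())
            return True
        return False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            self.open_links.append(a.get("href") or "")
            self._note(self.open_links[-1])
        elif tag == "img":
            src = a.get("src") or ""
            self._note(src)
            # An image acting as a button that leaves the marketplace.
            if self.open_links and self._note(self.open_links[-1]):
                self.findings.append((self.open_links[-1], src))

    def handle_endtag(self, tag):
        if tag == "a" and self.open_links:
            self.open_links.pop()

def audit(html):
    parser = ListingAudit()
    parser.feed(html)
    parser.close()
    return parser.findings, sorted(parser.offsite_hosts)

# Constructed sample listing description; all .example hosts are placeholders.
SAMPLE = """
<a href="http://login.third-host.example/signin.html"><img src="http://host-a.example/buyitnow.gif"></a>
<a href="http://login.third-host.example/signin.html"><img src="http://host-b.example/terms.jpg"></a>
<a href="https://www.ebay.com/usr/someseller"><img src="https://i.ebayimg.com/pic.jpg"></a>
"""
```

Any finding means an image in the description is acting as a link away from the marketplace, and three distinct off-site hosts in one listing matches the layout shown in the composite image.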
Another thing worth mentioning is the time remaining. Six days, 23 hours+ remaining. This again demonstrates the hackers can get right by whatever filters may exist, while legit sellers wait for hours, even days before their items are visible. In fact, the gallery or thumbnail images may not have even had time to propagate yet from the looks of things?
I sure would stay clear of ebay. There’s been a sharp increase in these hacking or hijacking events and ebay is letting the fake listings remain in place, while deleting any warnings to their beloved community.
So I’m not sure what’s going on in San Jose or ebaY these days? Maybe there’s something in the water? Bobbing corpses, industrial waste, radiation poisoning, bath salts? Who knows, but since truth is stranger than fiction there…