posted on June 17, 2002 08:39:18 AM
I received the following mail this morning
Return-Path: <[email protected]>
Delivered-To: levy.net%[email protected]
Received: (cpmta 4894 invoked from network); 17 Jun 2002 06:48:56 -0700
Received: from 64.246.15.56 (HELO ournameserver.com)
by smtp.c000.snv.cp.net (209.228.32.60) with SMTP; 17 Jun 2002 06:48:56 -0700
X-Received: 17 Jun 2002 13:48:56 GMT
Received: (qmail 26213 invoked by uid 110); 17 Jun 2002 13:48:43 -0000
Delivered-To: [email protected]
Received: (qmail 26205 invoked from network); 17 Jun 2002 13:48:40 -0000
Received: from unknown (HELO 10.0.0.1) (202.154.241.139)
by 64.246.15.56 with SMTP; 17 Jun 2002 13:48:40 -0000
From: "[email protected]" <[email protected]>
To: <[email protected]>
Cc:
Date: Mon, 17 Jun 02 19:49:31 West Asia Standard Time
X-Priority: 1
X-MSMail-Priority: High
Subject: Change Password Confirmation
X-Mailer: Microsoft Outlook Express 6.00
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary=WC_MAIL_PaRt_BoUnDaRy_05151998
Status: U
X-UIDL: PQ3oyNHkIDwTHwE
Subject: Change password confirmation.
Date: Thu, 17 Jun 2002 19:39:20 PDT
You have successfully changed your password.
This is a courtesy notice. No response is needed.
If you or anyone with authorized access to your account did not
make this change, please login to your ebay now with your current
password from the following link to ensure safety. If the old password
is accepted, kindly don't change it for atleast one week so that we
may track down the fraudrant. Your ebay will not be harmed.
http://www.ebay.com/signin
Thank you for using eBay!
http://www.ebay.com
From the looks of it, it looks legit but if you look at the html code you see
Subject: Change password confirmation. <br>
<br>
Date: Thu, 17 Jun 2002 19:39:20 PDT <br>
<br>
You have successfully changed your password. <br>
<br>
This is a courtesy notice. No response is needed. <br>
<br>
If you or anyone with authorized access to your account did not<br>
<br>
make this change, please login to your ebay now with your current <br>
<BR>
password from the following link to ensure safety. If the old password<br>
<br>
is accepted, kindly don't change it for atleast one week so that we<br>
<br>
may track down the fraudrant. Your ebay will not be harmed.<br>
<br>
<a href="http://www.ouyersag23.com/ebay.asp"
target="_blank">http://www.ebay.com/signin</a>
<br>
Thank you for using eBay! <br>
<a
href="http://64.4.14.250:80/cgi-bin/linkrd?_lang=EN&lah=c67619032b584c9f2ca1951d2bce8eda&lat=1023351062&hm___action=http%3a%2f%2fwww%2eebay%2ecom"
target="_blank">http://www.ebay.com</a>
<br>
</pre></div>
posted on June 17, 2002 09:10:25 AM
I wonder how many people fall for these emails? Just the grammar alone should be a warning ("your ebay will not be harmed" "so we can track down the fraudant" ), but also the logic presented - "your password HAS BEEN CHANGED...but if it accepts your OLD one... ".
I wish every ISP gave a 5 minute "antifraud" course when people signed up. Just some simple tips would keep people from being suckered into these silly traps.
posted on June 17, 2002 11:46:31 AM
i wonder what country of origin??
romania,russia,indonesia,malaysia??
your ebay will not be harmed??sounds like asian english??
