What Is Phishing And How To Protect Your Sensitive Data With Examples

Phishing is an online term used to describe data theft. The name is a play on “fishing” because the victim is “baited” into giving their info to a third party masquerading as a legitimate company. Example: You receive an email from eBay instructing you to update your password. You proceed to input your current email address and password on the website and then the scammers collect your account data. The scammers record your current login details and redirect you to the original site, so you have no idea you submitted your information on a scam website, because they copied the original website design. Once they have your information, they take over your account and drain your funds. The same tricks are employed across all popular payment platforms such as eBay, PayPal, online banks, crypto wallets or any other website where sensitive information could prove to be useful to a scammer.

How Phishing Works – The Basics

If a scammer attempts to steal your eBay or PayPal login, they no longer have to hack into your account! They employ an array of sophisticated scams where you willingly input your details and do all the hard work for them. The scammers lead you to believe they’re protecting your account and convince you to submit your login details willingly on your own. Scammers present themselves as customer support to establish authority. Potential targets for phishing are citizens who own accounts on payment services or any other kind of websites that could be worthwhile. Scammers will demand you hand over your sensitive information such as email, password and/or credit card details.

How do they get away with it? They do it under the pretense of security risks and ask you to change or re-enter your password/login details on a website they own. They present themselves as the company and use direct copies of the logos, the same as if they were the actual company. Once they’ve collected your account information, they quickly drain your account of any balance. To avoid being a victim of phishing, you must be aware of the ways scammers operate and be wary of new methods they employ.

How To Identify Phishing Emails?

Phishing scammers send out emails that may be exact copies of professional emails – ones that websites such as eBay themselves would send out to customers. They copy the outline, logos and any other visual media to make their emails pass as legitimate. However, scammers don’t have access to certain information that eBay does, such as your username, and they mass-send millions of emails in the hopes that hundreds or even thousands of people will fall for their bait. Their emails usually don’t link directly to the eBay server but contain fake URLs that they self-host, which are easily identifiable. The following red flags are what you need to stay alert for to avoid phishing emails:

  • Request for confidential information. Scammers immediately request your information such as your credit card data, your email, password and other sensitive information. If you receive a request from someone masquerading as a company representative, be wary, as most companies don’t require account changes or they demand it inside the platform – not via email. Example: PayPal and eBay only update information from inside the platform once you’re logged in. They don’t email clients asking them to update their passwords annually or anything that requires immediate attention over email. This is only employed by scammers who want to steal your data off-site, and they will often directly ask for your credit card. If you receive a request to “update your account password” or “your credit card expired”, delete the emails immediately and don’t open them.
  • Fake ‘emergency’ call-to-action. All phishing emails are wrapped in an urgent “call to action” undertone. The scammers specialize in extracting information by leveraging emotions and for this purpose they employ emotional, threatening and action-heavy language. If an email is urging you to “act fast” and threatening that your account might be closed down, there is a high chance it’s a scam. Be wary of emails that have titles such as “72 hours left to act on your account” or “Password expires soon”. Those will prompt you to fill out your sensitive information on a 3rd party phishing site. If you accidentally fall for it, update your password and/or close your account.
  • Attachments in the email. Many phishing emails also contain viruses and tracking codes in the attachments which infect your computer if you accidentally download them. Credible websites such as eBay and PayPal do not send out attachments unsolicited. If you ever receive an attachment by a legitimate processor, it will be one that you requested such as your invoice or an annual tax report for your balance. If the email contains an attachment which you did not personally request, make sure to never click on it and/or open it.
  • Announcement greetings. Many phishing emails have fake announcement greetings such as “Attention PayPal account holder” which they use to legitimize their emails and make it seem as if they’re an actual representative. If a company sends out an announcement, they usually contain bland information without links urging you to take action. In all phishing emails containing “announcements” you will be prompted to click on a link and be taken out of your email account on to a website where you input your sensitive information.
  • Fake URLs. Scammers purchase URLs that contain the brand name of the company but are not on the main domain of the company. For example, a real PayPal link would lead to the main PayPal.com site while a phishing link would link to a fake website like login-paypal.com or login-paypal.com@91.40.2.44 where they request you to input your login details. You can easily see where a link leads to if you hover over the link on the email. If the link looks even vaguely suspicious, don’t open it. In most cases the same announcements you get over email are going to be available in your main account. To bypass the phishing link, open the main website yourself and check whether you have a prompt inside the notification panel.
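The fake-URL check from the list above, worked through as an added example that is not part of the original article. The function name link_red_flags and the flag labels are assumptions; the two suspicious links are the ones quoted in the list.

```python
import ipaddress
from urllib.parse import urlsplit

def link_red_flags(url, trusted_domain):
    """Return the reasons a link should not be trusted as `trusted_domain`."""
    if "://" not in url:
        url = "http://" + url  # emails often show links without a scheme
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    flags = []
    # Text before '@' is login data, not the site: the browser
    # connects to whatever follows the '@'.
    if parts.username is not None:
        flags.append("userinfo-before-host")
    try:
        ipaddress.ip_address(host)
        flags.append("ip-address-host")
    except ValueError:
        pass  # a normal host name, not a bare IP address
    # Only the exact domain or a true subdomain of it counts as the brand.
    on_brand = host == trusted_domain or host.endswith("." + trusted_domain)
    if not on_brand:
        flags.append("not-on-trusted-domain")
        brand = trusted_domain.split(".")[0]
        if brand in host or brand in (parts.username or "").lower():
            flags.append("brand-name-used-as-bait")
    return flags

for link in ("https://www.paypal.com/signin",
             "login-paypal.com",
             "login-paypal.com@91.40.2.44"):
    print(link, "->", link_red_flags(link, "paypal.com") or "no red flags")
```

Note that login-paypal.com fails the check even though it ends in "paypal.com": only a dot before the brand's domain makes it a real subdomain.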

How To Identify Legitimate Emails

  • Personal information will be listed. Look for signs of personal information such as your username on eBay or your full name for PayPal. Those should be mentioned at the start of the email. Phishing emails are sent out by people without access to your account – they have no idea who you are until you submit your information. If the email contains something that only an “insider” such as eBay would know, this is a sign it’s a legitimate email. For PayPal a typical email would contain your first name and last name. Bitcoin trading websites will also contain your username or details associated with your account that hackers don’t know. All phishing emails are mass-sent and they are identical across the board; there is no personal touch because the scammers don’t know who their victims are and they pray you will submit your information of your own accord. This is why you should stay alert for signs of personal information at the very start of the email.
  • No 3rd party input will be required. Legitimate websites link to announcements and/or new features where you are not forced to log in. They never ask for your sensitive information such as username, password, email or credit card information. eBay never sends out emails asking for password changes or credit card details. Be wary as more “dedicated” scammers operate over the phone too, and they may request your information over the phone. Never change your information through a link you got in the email, open the main website such as eBay.com and change your information there directly (if you need it). Apply the same principle to all other accounts, and never trust incoming emails. If a legitimate company requests you to change your information, you can do this directly from their platform without clicking on an email link.
  • Emails will be “clean” without attachments. Emails sent out by reputable companies such as eBay will be attachment-free. Their emails are clean and simple, only addressing new updates and regulations without prompting a client to leave their inbox or download an attachment. If the email includes unsolicited attachments it is usually a phishing scam or a virus.
  • Friendly language in the emails. Legitimate websites employ friendly language and engage clients in a friendly manner. Phishing emails usually contain threatening or violent language that prompts a user to take immediate action. Example: You might be threatened that your PayPal account would be closed down in 48 hours if you don’t “change your password”. This is a typical phishing email that threatens clients into taking action. All professional companies employ friendly language even in emergency situations.

How To Stay Safe From Phishing Emails?

If you suspect that you received a phishing email but you’re unsure because it could be real, there are two steps you should take:

Step #1. Do not click and/or open any links in the email. The mere act of opening the email will inform a scammer you’ve opened the email and they can receive your information if they embedded a tracking code in the email. This is even worse if you downloaded their attachments because they may have direct access to your computer. To stay safe, never open a suspicious email. If you did open it, delete it and make sure you didn’t download attachments from sources you don’t recognize.
Step #2. Forward the email as an attachment to the legitimate company. Companies such as PayPal and eBay have fraud departments that can identify if the email you received was real or a phishing attempt. Go to the help section and find the email for the “fraud department”, and email them what you got. They will respond promptly and notify you as to whether the email was real or you received a phishing email.

Visual Examples of Phishing on eBay

We are going to look at some examples from one of the most frequently phished websites, eBay. Scammers phish on eBay to obtain eBay IDs, which are then used to sell fake or non-existent goods, or the accounts are sold on in the underground market. In other words, the new owners of stolen eBay IDs are now equipped with positive feedback previously generated by the real owner, and they use it to scam people. Many types of eBay phishing scams exist and here we will take a look at them.

Message From An Ebay Member

Fake eBay member message from a fake website.

This genuine-looking email is a masquerade. The message is not sent from eBay, but from an imposter. As soon as you clicked on “respond”, you were directed to an exact clone of eBay and your personal information was stolen. These messages come in different styles and shapes. Going to ebay.com directly and not clicking any links will prevent your account from being stolen. Check your private messages there and you will see whether you in fact received a message or not.

Update Credit Card Information

Look at the link above. It looks as valid as it could. It reads http://signin.ebay.com, but this written link actually points to a fake clone of eBay. This is done with the href attribute of an HTML link (the a tag): the address a link displays and the address it opens are set separately.

Here you have a safe and real example. Click on this link:

https://www.ebay.com

The address shows eBay, but you were linked to Amazon. We have linked you to Amazon, but a con artist will link you to dupes of legitimate business websites in an attempt to obtain sensitive information from you. Be careful what you click: if you hover over a link without clicking it, your browser shows the real address in the bottom-left corner.

Re-enter Account Information

This whole email was actually an image which referred you to a scam website if you clicked anywhere on it. Your mouse cursor changed to a “hand”, if you have this set as default when you point over a link.
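An added example, not from the original article, that checks an HTML email for the two tricks described in the sections above: a link whose visible text names one site while its href points to another, and an email that is a single clickable image. The sample email is constructed, ebay-clone.example is a placeholder host, and the names LinkAudit, host_of and deceptive_links are assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample email; ebay-clone.example is a placeholder host.
SAMPLE_EMAIL = """
<p>Update your card: <a href="http://ebay-clone.example/signin">http://signin.ebay.com</a></p>
<a href="http://ebay-clone.example/verify"><img src="notice.png"></a>
<p>Help: <a href="https://www.ebay.com/help">www.ebay.com</a></p>
"""

class LinkAudit(HTMLParser):
    """Record (visible text, href, contains image) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text, self._img = [], None, [], False

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text, self._img = dict(attrs).get("href"), [], False
        elif tag == "img" and self._href is not None:
            self._img = True

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href, self._img))
            self._href = None

def host_of(url):
    """Host the browser would contact for this URL (scheme optional)."""
    return (urlsplit(url if "://" in url else "http://" + url).hostname or "").lower()

def deceptive_links(html):
    """Flag links whose displayed address differs from the real target."""
    audit = LinkAudit()
    audit.feed(html)
    findings = []
    for text, href, has_img in audit.links:
        shown = re.search(r"(?:https?://)?[\w.-]+\.[a-z]{2,}\S*", text, re.I)
        if shown and host_of(shown.group(0)) != host_of(href):
            findings.append(("text-host-mismatch", host_of(shown.group(0)), host_of(href)))
        elif has_img and not text:
            findings.append(("image-only-link", "", host_of(href)))
    return findings

print(deceptive_links(SAMPLE_EMAIL))
```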

Javascript Manipulation

Sophisticated and clever scams are in many cases done with programming languages such as JavaScript. eBay allows JavaScript to be implemented into the templates of listings, giving scammers opportunities to scam you right on the real eBay website. Yes, you don’t have to leave the original eBay site to get scammed. Manipulation of JavaScript and similar ideas are hard to recognize. The scammer uses fake feedback in order to make buyers believe he has a reputation at eBay. Look at this:

Fake Feedback

A feedback score of 120, paypal buyer protection button and power seller!

Real FeedBack

eBay does check the auctions before listing them, but embedded JavaScript code is usually placed after the listing of an item, with the edit listing option. eBay does a lot to prevent JavaScript trickery by manipulating the JavaScript calls, but con artists will keep finding ways around it.

UPDATE

eBay has since blocked JavaScript from being used in listings, so you do not have to be as vigilant anymore. Browsers have also come a long way in protecting their users from malicious code. The example above was left as a reminder of what can be done with any other website that may be susceptible to such manipulations.

SUMMARY

Before you buy an item, check the previous items sold by this seller. Chances are that if he was selling unrelated and different items than he is selling now, this eBay ID might be a victim of phishing and is now used by a con artist. Professional companies will never send you an email requesting you to enter your personal information. If you do receive an important notice and you doubt its legitimacy, close the email, start a new session with your internet browser, and manually type in the website address of wherever the notice claims to come from. In this phishing example we used eBay as one of the most popular phishing places, but phishing frauds are all over the web. They are here to stay, so the best way to protect yourself is to educate yourself.
