eBay investigates spoofs
- 30 September, 2003 12:00
The increasing prevalence of spoofed emails and attempts by hackers to gain personal information from eBay members has forced the Internet auction house to launch an investigation into Australian operations.
eBay's Trust and Safety Team have sent emails to Australian customers warning "there have been cases where people have attempted to gain access to an eBay member's personal information by sending spoof e-mails".
Creator of Gold Coast, Queensland-based speed-dating company Fast Friends.com.au, Rebecca Thompson raised the alarm after receiving an email from email@example.com "asking me to confirm my details and credit card number".
"I knew it wasn't from eBay Australia as I don't use [the email address the spoof e-mail was sent to] on eBay, and I am signed up with ebay.com.au not just .com," she said.
According to the eBay Trust and Safety Team, spoof emails intentionally give the false impression that they have been sent by eBay to solicit people to transmit their account information.
These suspicious emails had not been sent by eBay, a spokesperson said.
"By someone altering the reply-to address for this email, this message may appear to have come from an eBay e-mail address, when it actually came from an external email address," she said. "This process, commonly referred to as 'spoofing', will send a message to the spoofed email address and not the actual sender if you reply to the email message you received," she said.
eBay is currently investigating the source of the e-mail and the website.
"Although we are unable to provide specific information regarding the result of our investigation, we do take these offences very seriously and will make sure that appropriate action is taken against those responsible," she said.
"These emails are the result of fraudulent activity. Please let me assure you that eBay will never ask for your private information, including credit card information or passwords, in an email format."
eBay asks customers who suspect that they have received a spoof e-mail to forward a copy of the e-mail, including the full header, to firstname.lastname@example.org "to help eBay investigate the matter more quickly".