Example: The eBay Scam
This was a scam which prompted eBay users to reveal all their security information about their eBay account; username, password, secret question and even credit card details!
It looked extremely credible, having all the eBay logos and styles and was designed to throw users into a state of panic that they might lose their eBay account if they didn't respond.
Needless to say, this had nothing to do with the eBay organisation at all!
From: eBay account suspension
To: ...
Sent: Saturday, April 17, 2004 2:25 PM
Subject: Account suspensions warning
Dear eBay user,
During our regular update and verification of the accounts we could not verify your current information. Either your information has changed or it is incomplete.
As a result your access to your eBay account will be restricted.
According to our site policy you will have to confirm that you are the real owner of the eBay account by completing the following form within 24h or else your account will be suspended without the right to register again with eBay.
Please use the link below to complete this verification:
http://scgi.ebay.com/saw-cgi/ebayISAPI.dll?ConfirmRegInf
Thank you!
eBay Customer Support
Clues
This email had avoided all the obvious errors; the addresses were consistent and seemed to be valid eBay ones. In other words, there were no obvious clues to be found in the headers!
There was a clue further down the message but now we're getting into some pretty technical stuff!
In the code for the page where it directs you to a website, the text on the page suggests that it will direct you to //scgi.ebay.com/saw-cgi/... however whilst the actual link is (no doubt purposefully) confusing, it ends up actually directing you to acc-info.com/verifx.html which is nothing to do with eBay!
So the clue which can be derived from this is that where the page appeared to be directing the unwary was different from where it actually went... but that's getting a bit heavy for the ordinary, non-techie user!
If you suspect that it could be genuine, don't respond to the email, contact the people who are supposed to have sent it using your normal methods.