Re: [ARSCLIST] WARNING about a new E-Bay identity theft scam...

[Don Cox <doncox@xxxxxxxxxxxxxx>]

On 06/02/05, Mike Richter wrote:
> At 02:30 PM 2/6/2005 -0800, RA Friedman wrote:
>> Yes, this is getting really bad since the "phishers" are now starting
>> to create exact facsimiles of the real sites. I got one for Paypal
>> recently. The link takes you to a site that looks just like Paypal.
>> It isn't. The rule of thumb is don't log into any site unless you
>> have chosen it via the actual URL in your browser. No legitimate site
>> will ever send you an email asking you to log-in.
>
> 1. Kill the HTML in all incoming e-mail. The true address is almost
> always invisible in plaintext, hiding underneath in the HTML.

Best to use an ASCII-only email program, with HTML display as a special
function (hardly ever needed).

>
> 2. Never click a link in an e-mail; copy and paste so you go to the
> site which appears to the eye.
>
> 3. Do not trust appearances. ebay.com is an eBay domain;
> ebaymembers.com may or may not be.
>
> 90+% of my HTML e-mail is spam or phishing. 90+% of my plaintext
> e-mail is legitimate. I've never received a plaintext phishing
> attempt.

I have my filters set to reject any mail which has only an HTML section
and no ASCII. They go to a folder which I check occasionally. False
positives have been 3 or 4 over a year, among thousands of Spam mails.


Regards
--
Don Cox
doncox@xxxxxxxxxxxxxx