How eBay can help stop Phishing
September 15th, 2005 by Sarah King
I just received a sternly worded email from "eBay", of which I am not a registered user. Out of curiosity I decided to view the source of the email and see which tricks this nasty Phisher had employed.
I copied one of their links and was taken to a page on this server: http://64.4.16.250/cgi-bin/linkrd? and this clever little page, which interrogated the server variables for info about my PC:
<html><head><title> - More Useful Everyday</title></head>Your email message has been idle and this link has become inactive. To access the link, <a href="javascript:window.close();">close this window and return to your </a> Message. Then click the browser's Refresh button or close your message and reopen it.</html><!-- H: BAY22-F20.phx.gbl -->
<!-- V: WIN2K3 10.21.0000.0016 i -->
<!-- D: Aug 8 2005 14:46:21-->
<!-- S: 0-->
The form itself had this info in it
In my other Phishing emails post I talk about how you should check where the links are pointing to, and to check it out before doing anything. Well, this email was littered with valid eBay links, for the images and other info. That makes it really hard to determine what is what.
I found it unnecessary and worrying that the Phishers were able to use eBay's own images, such as
<img height=16 src="https://scgi.ebay.com/saw/pics/sitewide/processBar1_16x16.gif" width=16/>
and
<img height=3 src="https://scgi.ebay.com/saw/pics/sitewide/leftLine_16x3.gif" width=16 align=middle/>
Now the use of a border isn't going to do much, but at least make it difficult and prevent hotlinking outside the domain!
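One way an image host could act on the hotlinking point above, as an added example that is not from the original post or from eBay: classify each image request by its Referer header and list the outside pages that embed the images. The allowed domain list, function names and sample requests are assumptions made for illustration; requests with no Referer, which many mail clients send, are kept as their own class because this check cannot judge them.

```python
from urllib.parse import urlsplit

# Assumption: the only domain whose pages may embed these images.
ALLOWED_SUFFIXES = ("ebay.com",)

def referer_host(referer):
    """Return the lowercase host of a Referer header, or None if absent or unparseable."""
    if not referer or referer == "-":
        return None
    try:
        host = urlsplit(referer).hostname
    except ValueError:
        return None
    return host.lower().rstrip(".") if host else None

def is_allowed_host(host):
    """Exact match or true subdomain only; 'ebay.com.login.example' must not pass."""
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)

def classify(referer):
    """'serve' for the site's own pages, 'no-referer' if the header is missing, else 'hotlink'."""
    host = referer_host(referer)
    if host is None:
        return "no-referer"
    return "serve" if is_allowed_host(host) else "hotlink"

def hotlinking_pages(requests):
    """Map each outside referring page to the set of image paths it pulled."""
    pages = {}
    for path, referer in requests:
        if classify(referer) == "hotlink":
            pages.setdefault(referer, set()).add(path)
    return pages

# Constructed sample requests (image path, Referer header); not real log data.
SAMPLE = [
    ("/saw/pics/sitewide/processBar1_16x16.gif", "https://scgi.ebay.com/page"),
    ("/saw/pics/sitewide/processBar1_16x16.gif", "http://198.51.100.7/signin/index.html"),
    ("/saw/pics/sitewide/leftLine_16x3.gif", "http://198.51.100.7/signin/index.html"),
    ("/saw/pics/sitewide/leftLine_16x3.gif", "http://ebay.com.login.example/verify"),
    ("/saw/pics/sitewide/leftLine_16x3.gif", "-"),
]

if __name__ == "__main__":
    for page, paths in sorted(hotlinking_pages(SAMPLE).items()):
        print(page, sorted(paths))
```

Pages reported by `hotlinking_pages` are candidates for review and takedown; a host that also refuses the "hotlink" class would leave such pages with broken images.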


And if using their formatting graphics isn’t bad enough, today I have one using their logo…
I just discovered the Anti-Phishing Working Group. eBay is a member.