If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#11
|
|||
|
|||
Is there any option to eBay for online auctions?
I have also received numerous scams emails. Initially, when I was not
sure about those from 'ebay', and before they were filtered out by my ISP, I would right click, select properites, and look a bit, or simple forward the email to . I figured that if it were real, they would email me back and say so. But I *always* got immediate replay 1: "we are investigating" and later reply 2: "not from us". Ditto for some from paypal and a few other places I had dealings with. |
Ads |
#12
|
|||
|
|||
Is there any option to eBay for online auctions?
On Mon, 08 Dec 2008 20:00:54 -0500, "Nick Knight"
wrote: In , on 12/08/2008 at 10:16 AM, Milco said: When You reply to this mail, one independent software "grabbed" Your address and used it to spread spam and other "garbage" - normally - because it was lot-lot of spam from Your "stolen" address delivered to others accounts, juno.com automatically suspended Your account just to prevent further "shipment" of this spam. Odd that they would email him in the first place, to steal his email address, isn't it? You don't even need a valid sender's email address to send any email. I can send an email now from " and the mail system would be quite happy with it. So, I'm not so sure why anyone, particularly spammers, would go to such trouble. I'm sure there is some logic behind it, somewhere. I'd be more worried about clicking on the email's links and logging into something. If they get access to his eBay account, or worse, paypal, there's more trouble brewing than being kicked off of juno. Would they be clever enough to shut down his email access so as to have more time with a hacked account? It's hard to tell you've been hacked if you don't have internet access. But then, he's posting here, so that isn't the issue. He could be in another user's e-mail contact list. Some malware / adware hijacks the mail system and sends out crap to people and they don't even know it. |
#13
|
|||
|
|||
Is there any option to eBay for online auctions?
On Tue, 09 Dec 2008 07:53:56 -0800, Sir F. A. Rien
wrote: found these unused words: On Mon, 08 Dec 2008 20:00:54 -0500, "Nick Knight" wrote: In , on 12/08/2008 at 10:16 AM, Milco said: When You reply to this mail, one independent software "grabbed" Your address and used it to spread spam and other "garbage" - normally - because it was lot-lot of spam from Your "stolen" address delivered to others accounts, juno.com automatically suspended Your account just to prevent further "shipment" of this spam. Odd that they would email him in the first place, to steal his email address, isn't it? Usually the 'reply' location requires a password 'for your added security and verification'. That's when they can abuse the account. You don't even need a valid sender's email address to send any email. I can send an email now from " and the mail system would be quite happy with it. So, I'm not so sure why anyone, particularly spammers, would go to such trouble. I'm sure there is some logic behind it, somewhere. That's only your ISP - many ISP's run a routine to see that the email is being sent from a PAID user and they they have logged in to send. The password may be automated, as with Thunderbird settings, but ...! I'd be more worried about clicking on the email's links and logging into something. If they get access to his eBay account, or worse, paypal, there's more trouble brewing than being kicked off of juno. They can do that if the 'clueless one' follows their 'verification' proceedure without noting that it's a scam. Would they be clever enough to shut down his email access so as to have more time with a hacked account? It's hard to tell you've been hacked if you don't have internet access. But then, he's posting here, so that isn't the issue. You don't need an email account to post in a newsgroup. It's a different procedure and uses a different 'port' and address. He could be in another user's e-mail contact list. Some malware / adware hijacks the mail system and sends out crap to people and they don't even know it. Often some idiot sends out a 'broadcast' [multiple TO:] names and some other idiot has the virus and all emails are grabbed! Didn't I just say that? BTW, I didn't say the rest above. That was someone else. If you MUST send a bulk, use "BCC:" [Blind Carbon Copy]. No one sees the addressees! Uh, yeah - I know that already. Thanks for the reminder! :^P |
#14
|
|||
|
|||
Is there any option to eBay for online auctions?
In , on 12/09/2008
at 07:53 AM, Sir F. A. Rien said: You don't need an email account to post in a newsgroup. It's a different procedure and uses a different 'port' and address. Thanks. Having plenty of experience actually writing newsreaders and email clients, I knew that. But you don't have to use a valid email address in your headers to send an email. All you need is a login, and the headers for an email are left to the creative person. Now, if they somehow acquired his email login and they've spammed from his account, that's one thing. But to use his email address (or anyone's, or a made up email) as the "from" in any email address I'd bet 99% of all ISP's would let it happen. This is actually a Good Thing in many business cases. Now, how would a spoof of an eBay mail manage to acquire someone's email account password? It's still not making sense to me ... mostly the email-oriented motivation behind such a potential spoof. Nick |
#15
|
|||
|
|||
Is there any option to eBay for online auctions?
On Tue, 09 Dec 2008 18:36:46 -0500, "Nick Knight"
wrote: In , on 12/09/2008 at 07:53 AM, Sir F. A. Rien said: You don't need an email account to post in a newsgroup. It's a different procedure and uses a different 'port' and address. Thanks. Having plenty of experience actually writing newsreaders and email clients, I knew that. But you don't have to use a valid email address in your headers to send an email. All you need is a login, and the headers for an email are left to the creative person. Now, if they somehow acquired his email login and they've spammed from his account, that's one thing. But to use his email address (or anyone's, or a made up email) as the "from" in any email address I'd bet 99% of all ISP's would let it happen. This is actually a Good Thing in many business cases. Now, how would a spoof of an eBay mail manage to acquire someone's email account password? It's still not making sense to me ... mostly the email-oriented motivation behind such a potential spoof. OK. Say Reader "A" gets a spoof e-mail. Opens it up and does what it asks. Yes, not all e-mail users are techno-savvy and will do these things, irregardless of being a user of eBay or not. (The "duh" factor, or some such.) This, in turn activates a script which determines which e-mail program it is and then proceeds the harvest e-mail addresses. When the harvesting is finished, a form based e-mail can be sent to those selected - or all - of the e-mail accounts harvested. Most of these spoof e-mails are housed on obscure (but not always) web servers and sometimes the trail is visible. I know for a fact that I have helped remove a few of the usual suspects from the eBay roles because of said detective work. I have noticed that their accounts were removed shortly after reporting them. Whether or not they nym-changed and went back to work elsewhere is unknown. All the malware sender has to do is get the "duh" user to log into their very own version of an eBay log on screen. Yes, indeedy! My brother fell for this after repeated attempts to tell him to ignore those e-mails. Someone hijacked his account, set up a sale of a jeep (truck) and had an opening bid of .01 ... Fortunately, I caught on within the same day and got him out of a jam. Yes - "duh" happens... |
#16
|
|||
|
|||
Is there any option to eBay for online auctions?
In , on 12/10/2008
at 08:50 AM, Sir F. A. Rien said: A quick glance and the reader thinks "eBay", but it's not. Then they reply and are met with a faked 'login' page. They sign in and ... ! The critical part is: saw-cgi/eBayISAPI.dll which invokes a program to capture your entered password. Sure. None of this is new news. But I'm still waiting for someone to tell me, based on the order of events that the original poster stated, how a fake email from eBay (which seemed to occur first) turned into a spamming event, and if in fact the fellow's eBay account was compromised, why would anyone even care about the spam issue? Why would his ISP care to the point of canning him? It would of helped if the OP would have actually filled in the dangle ... "it's come to our attention that you..." YOU WHAT???????!!!!!!!!! Your ISP will not can you for losing control of your eBay account. Well, unless a ton of bogus transactions have transpired. That would take some time to occur and to be uncovered and eBay would be the police in that case. We've received no report of that. So, we've all assumed it's because someone spammed with his email address. Well, *I* can spam with his email address, and he wouldn't get in trouble. I might. I can't imagine any ISP acting without actually seeing an example header and noting from wherest it came. So, it would seem that logic points to someone using his email login to spam via his account (given the limited info we've been given). And there remains the question: How does a hacker acquire access to his email account by spoofing an eBay message? He reported being dumped by his ISP. Not losing control of his eBay account. So, I'll assume until otherwise corrected that that isn't what happened. The best fitting scenario to date is that his contact list was used to spam folks. Was the OP using Outlook? That's the popular target for these kinds of hacks. I'm going to quit speculating myself, and even better, quit reading all of the dot-connecting that others are doing, whether dots are there or not. Perhaps the OP will graciously report in and offer up what exactly his ISP has accused him of doing. And let us know if he is still in control of his eBay account with no strange transactions present. Nick |
#17
|
|||
|
|||
Is there any option to eBay for online auctions?
On Wed, 10 Dec 2008 08:38:44 -0800, Sir F. A. Rien
wrote: found these unused words: On Tue, 09 Dec 2008 07:53:56 -0800, Sir F. A. Rien wrote: found these unused words: On Mon, 08 Dec 2008 20:00:54 -0500, "Nick Knight" wrote: In , on 12/08/2008 at 10:16 AM, Milco said: When You reply to this mail, one independent software "grabbed" Your address and used it to spread spam and other "garbage" - normally - because it was lot-lot of spam from Your "stolen" address delivered to others accounts, juno.com automatically suspended Your account just to prevent further "shipment" of this spam. Odd that they would email him in the first place, to steal his email address, isn't it? Usually the 'reply' location requires a password 'for your added security and verification'. That's when they can abuse the account. You don't even need a valid sender's email address to send any email. I can send an email now from " and the mail system would be quite happy with it. So, I'm not so sure why anyone, particularly spammers, would go to such trouble. I'm sure there is some logic behind it, somewhere. That's only your ISP - many ISP's run a routine to see that the email is being sent from a PAID user and they they have logged in to send. The password may be automated, as with Thunderbird settings, but ...! I'd be more worried about clicking on the email's links and logging into something. If they get access to his eBay account, or worse, paypal, there's more trouble brewing than being kicked off of juno. They can do that if the 'clueless one' follows their 'verification' proceedure without noting that it's a scam. Would they be clever enough to shut down his email access so as to have more time with a hacked account? It's hard to tell you've been hacked if you don't have internet access. But then, he's posting here, so that isn't the issue. You don't need an email account to post in a newsgroup. It's a different procedure and uses a different 'port' and address. He could be in another user's e-mail contact list. Some malware / adware hijacks the mail system and sends out crap to people and they don't even know it. Often some idiot sends out a 'broadcast' [multiple TO:] names and some other idiot has the virus and all emails are grabbed! Didn't I just say that? BTW, I didn't say the rest above. That was someone else. Not really, there are viruses that send 'back' the address book [contact list] directly from Missie through one of many MS holes. I was specifically referring to 'bulk' email [ multiple recipients] where the names were gathered not from the sender's machine, but from an infected recipient. I think I just said that. Thanks for not agreeing. :^) |
#18
|
|||
|
|||
Is there any option to eBay for online auctions?
On Wed, 10 Dec 2008 19:25:59 -0500, "Nick Knight"
wrote: In , on 12/10/2008 at 08:50 AM, Sir F. A. Rien said: A quick glance and the reader thinks "eBay", but it's not. Then they reply and are met with a faked 'login' page. They sign in and ... ! The critical part is: saw-cgi/eBayISAPI.dll which invokes a program to capture your entered password. Sure. None of this is new news. But I'm still waiting for someone to tell me, based on the order of events that the original poster stated, how a fake email from eBay (which seemed to occur first) turned into a spamming event, and if in fact the fellow's eBay account was compromised, why would anyone even care about the spam issue? Why would his ISP care to the point of canning him? It would of helped if the OP would have actually filled in the dangle ... "it's come to our attention that you..." YOU WHAT???????!!!!!!!!! Your ISP will not can you for losing control of your eBay account. Well, unless a ton of bogus transactions have transpired. That would take some time to occur and to be uncovered and eBay would be the police in that case. We've received no report of that. So, we've all assumed it's because someone spammed with his email address. Well, *I* can spam with his email address, and he wouldn't get in trouble. I might. I can't imagine any ISP acting without actually seeing an example header and noting from wherest it came. So, it would seem that logic points to someone using his email login to spam via his account (given the limited info we've been given). And there remains the question: How does a hacker acquire access to his email account by spoofing an eBay message? He reported being dumped by his ISP. Not losing control of his eBay account. So, I'll assume until otherwise corrected that that isn't what happened. The best fitting scenario to date is that his contact list was used to spam folks. Was the OP using Outlook? That's the popular target for these kinds of hacks. I'm going to quit speculating myself, and even better, quit reading all of the dot-connecting that others are doing, whether dots are there or not. Perhaps the OP will graciously report in and offer up what exactly his ISP has accused him of doing. And let us know if he is still in control of his eBay account with no strange transactions present. You can assume childish dot-connecting if you want. eBay DID NOT SEND the message and that is escaping your limited thinking on this. They don't do this. So, for all your posturing and so forth, you can plonk me as well. Maybe you can plonk yourself at the same time. And we thought you were a software developer? Hmmm... |
#19
|
|||
|
|||
Is there any option to eBay for online auctions?
|
#20
|
|||
|
|||
Is there any option to eBay for online auctions?
On Wed, 10 Dec 2008 20:18:49 -0500, "Nick Knight"
wrote: I typically don't plonk people based solely on density. Unless you somehow acquire some whit, or become more obnoxious, you're not worth the miniscule disk space involved. Simply sounds like you have axes to grind. Please, be my guest, but not on my time. Your arrogance is only exceeded by your thickness about how this could become spam. Maybe we could repeat it 20 more times, but it won't get through your double-wide head plate. You must be a real treat at airports. Considering this has nothing to do with stamps, I guess you're about as ignorant as the rest of us. Join the group... |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Ebay eliminating negative feedback option for sellers. | kayak144 | 8 Track Tapes | 5 | February 8th 08 12:17 AM |
Good online auctions besides Ebay?? | Audio | Coins | 0 | March 16th 05 09:32 PM |
eBay Australia to remove the "Reserve Price" option | A.Gent | Coins | 3 | July 5th 04 11:21 AM |
Heritage / eBay online live auctions look dangerous.. | Harv | Coins | 8 | July 30th 03 05:51 AM |