Malware

PHISHING AT EBAY DURING THE HOLIDAYS

 

The following is a phisher's attempt to get a free cell phone on eBay by using a combination of mail fraud, social engineering, wire fraud and email relay. I got hit with two separate phishing scams during December 2004.

In December 2004, I placed my Nokia 6010 cell phone on eBay. I got a few bids immediately. The auction was scheduled to go for 7 days.

I got an offer for the phone outside of eBay. Anyone who's been on eBay long enough knows that making deals outside of an ongoing auction is against eBay policies. This didn’t bother me; I just ignored it because I figured if the guy really wanted it all he had to do was hit “buy it now.” I don’t usually report this activity to eBay because they seem to ignore me unless it is a recurring thing that I report over and over.

The very bad grammar and mention of Nigeria immediately made me think it was some lame newbie phisher trying to scam me.

The potential buyer said he was in a rush to get the phone and was going to send $600 by Western Union Auction Payments, but wanted me to send it immediately because it was a gift to a friend whose birthday was soon. This phisherman and others take advantage of the holiday season because they know people are in a rush.

Phisher's MESSAGE TO ME:

"HELLO SELLER ,
I HAVE MADE THE PAYMENT AND I WILL SEND YOU THE FEDEX SHIPPING LABEL SO I WILL WANT YOU TO PASTE THE LABEL ON THE PACKAGE AND GO AND DROP THE PACKAGE IN THE NEAREST FEDEX OFFICES IN YOUR AREAS .KINDLY GET BACK TO ME AS SOON AS THE ORDER IS APPROVE SO AS TO SEND YOU THE FEDEX SHIPPING LABEL.
I AWAIT YOUR REPLY SOONEST
THANKS"

I was only asking $110 for the phone, so I was very suspicious. He said his friend was in Nigeria (don't know what is going on as far as hacking and information security), but even with a rush delivery with FedEx it couldn’t cost more than a total of $250. If he wanted to spend $600, why not buy a Treo or some other $300 PDA/phone?

I told him to click the “buy it now” button and the Nokia was his.

He did not “buy it now.” Guess he didn't want eBay analyzing his phishing efforts and cutting him off.

I got a nice little “receipt” from Western Union Auctions notifying me of a $600 payment. He then immediately sent me a FedEx shipping label and invoice via email.

 

Fedex label for phishing eBay Items

Now I was interested, but I just felt something was wrong (in retrospect everything was wrong.)

He wanted me to send the cell phone before I got the cash in my hands and he WOULD NOT hit the Buy It Now button! So I decided to call Western Union Auction and verify the Money Order Reference Number, #11006703232, before I did ANYTHING else.

Western Union informed me that although it WAS indeed a Western Union Money Order number, it had been used over and over by phishermen, black hat hackers and/or con artists trying to steal people's merchandise.

The next day FedEx came knocking at my door for the package. I told them that I wasn’t sending anything. I hope the hacker's phishing attempt cost him (her) some money.

My first plan was to use the FedEx label to send an empty box, but I wanted to get this guy. I told him it was on the way. Then I reported it to the Internet Fraud Complaint Center at http://www1.ifccfbi.gov/index.asp

Hack Phishing Summary:

The phisherman’s plan was to send the fake Western Union Money Order receipt in hopes that I would be so anxious to get the $600 that I would immediately send the package. He’d then have himself a free Nokia from eBay and I would have no way to get the hacker. It was just before Christmas, when everyone is in that holiday rush to send off their last gifts to friends and family abroad, so I wasn’t too surprised that he said he was in a rush. I’d sold two other devices that buyers had wanted rushed a week prior.



Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License.