Phishers lure victims with false claims of eBay closure

Sophos is warning computer users of a new phishing scam that tries to steal usernames and passwords from eBay users by claiming the giant auction website will close for business on 27 February.

The emails state that eBay has decided to shut down its business at the end of February, and request that recipients vote on whether they agree with the decision. According to the message, 50 percent of eBay members are required to disagree in order to keep the site open. However, clicking on either of the voting links takes the recipient to a phishing website which poses as eBay, and is designed to steal information from users. Sophos experts note that the phishing website is hosted on a hacked server belonging to a UK legal company.

The email reads:

‘Dear eBay Community:

We have decided to close eBay on 27 February 2007 due to the repeatedly abuses on our company. We ask your opinion on this matter and we want to know if you agree with us or disagree .Below you can make your choice.

If you want eBay to stay open click YES otherwise click NO .Your opinion is very important to us. If 50% of the eBay members vote positive eBay stays open otherwise it will be closed.

Regards,
eBay Team’

“It’s unlikely that many people will believe that such a successful website as eBay is considering calling it quits, but they might think it is a teaser campaign by the auction giant for some other kind of promotion,” said Graham Cluley, senior technology consultant for Sophos. “While not as sophisticated as some of the recent phishing campaigns we’ve seen, it could still result in the unwary handing their account details over to hackers, who could then use them to make fraudulent purchases and commit other identity crimes.”