Ebay users hit with a new wave of fake emails

[temi]

eBay has confirmed that the email problem does exist
Online auction house eBay has confirmed reports that some of its users have been hit by spam emails that may be able to gain their account details.
Ebay said the problem was industry-wide, and that its sites were as secure as possible.

The scam works by targeting eBay users with infected spam or mail-shot emails.

If the emails are opened, they can record what keys the user types and send the details back to the criminals behind the spam mail shots.

How the scam works

The method, known as 'key logging', allows the fraudsters to find the eBay user's exact password, the National Hi-Tech Crime Unit (NHTCU) has confirmed.

Internet fraud is an industry-wide issue and we would encourage everyone to regularly update their virus detection software

eBay spokeswoman

A spokeswoman for the NHTCU said the agency would not be making any further comment.

Once they have gained access to users' accounts, the criminals can steal from them in a number of ways.

Firstly, they can pretend to be a seller and inform the eBay users that one of their specific recent failed bids has, after all, been successful, and ask for payment.

The goods in question obviously never appear.

Fraudsters can also use an eBay user's account to buy an item put up for sale by one of their criminal associates.

The way for users to avoid getting trapped by key logging is to ensure their computer's virus protection software is up to date.

In addition to infectious spam emails including the 'key logging' software, more simple email scams have also been targeting eBay customers.

These generally work by the using fake emails purporting to be from eBay which ask for users to reconfirm their log-in details.


source/full story: news.bbc.co.uk/1/hi/business/4181897.stm

[Alexandru Ungur]

Will we see a stop to these threats?
Microsoft is trying..., the ""secure"" Internet they dream of, would prevent this kind of events.... but I really cannot trust the word "secure" in their mouth... they already proved what they understand of it: broken software, pached once in 1-2 years, for meny of course. So because one uses their broken buggy crap OS, one still have to pay for each hole that gets patched.... I would really not want to see Internet managed that way... no offence.
But a solution is needed indeed...
IPv6 would really help, using secure protocold would help, secure DNS, signed email, etc. Most of the needed infrastructure is there already... just waiting to be used.

Ok, enough rambling, back to my inbox to delete some more SPAM... Just kidding

Alexandru Ungur, don't blame Microsoft too much, I mean, I bet that it will be impossible for a world in which computers and internets become safe. That is simply impossible, because everytime someone puts out a product, hackers try to bring it down, either they are payed by other softwars (eg: Macintosh) or by the fun of breaking through Microsoft.
Its just a comment. Don't be angry