Cloud and Microsoft technologies enthusiast architect in Switzerland RSS 2.0
# Thursday, August 31, 2006

Couple of days ago, I received an e-mail on one of my e-mail address I use to receive spam warning me that I won an auction on e-bay. It sayd I commited to buy a tanning bed and it invited me to pay it by a connection on their web site using a button available in the e-mail.

So far, no problem. The only odd thing was that, even I have an e-bay account, I do not use that e-mail address and more strange, I never made any bid for a tanning bed.
Then, this was a clear attempt of phishing, and let's demonstrate how it works.
First, what is phishing ?
Phishing is a technic used by people to obtain personal and/or confidential information from the victims by claiming they are from a banking company or somebody you trust.
In this case, it was eBay, a well-known target for this kind of attack.
In the body of the e-mail, there was a button redirecting you to a fake e-bay web-site to sign-in and enter your user id and password.
This button opened a web page at (do not try this link, the web site is already offline) which had exactly the same look-and-feel as the original one. That URL might wake up a red light in the head of people who knows how internet works.
In fact, if we carefully look at the URL, we do not access to the eBay web site (in this case, it should be, but, instead, a web site named This domain name is owned by a person who has a really strange phone number, only composed of 4 and 7.
With the login form, the owner of the site can get user ids and passwords from a lot of users.
These last months, lot of e-mails coming from supposedly banking companies are received by people, requesting to verify some personal informations. Here, it must be said that banks do not communicate this kind of request by e-mail, but only by letters.

A communication from the BCV about phishing :

Thursday, August 31, 2006 3:49:38 PM (GMT Daylight Time, UTC+01:00)  #    Comments [0] -
English | web
Google Cloud Platform Certified Professional Cloud Architect
Ranked #1 as
French-speaking SharePoint
Community Influencer 2013
Currently Reading :
I was there :
I was there :
I was exhibiting at :
I was there :
I was a speaker at :
I was a speaker at :
I was a speaker at
(January 2013 session):
I was a speaker at :
I was a speaker at :
United Nations (UN) SharePoint Event 2011
I was a speaker at :
I was there !
I was there !
I was there !
I was there !
<August 2022>
About the author/Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

© Copyright 2022
Yves Peneveyre
Sign In
Total Posts: 290
This Year: 0
This Month: 0
This Week: 0
Comments: 20
Pick a theme:
All Content © 2022, Yves Peneveyre
DasBlog theme 'Business' created by Christoph De Baene (delarou)