The Bad Guys Are Phishing For Your Personal Information

Do you know what "phishing" is?

No, it doesn't mean you grab a pole and head to the late to catchsome phish.

The official Webopedia definition of "phishing" is as follows:

The act of sending an e-mail to a user falsely claiming to be anestablished legitimate enterprise in an attempt to scam the userinto surrendering private information that will be used foridentity theft. The e-mail directs the user to visit a Web sitewhere they are asked to update personal information, such aspasswords and credit card, social security, and bank accountnumbers, that the legitimate organization already has. The Website, however, is bogus and set up only to steal the user'sinformation.

Phishers prey on ignorance, fear, and emotion. They also play thenumbers game. The more bait they email out, the more phishthey'll catch.. By spamming large groups of people, the "phisher"counts on his email being read and believed by a percentage ofpeople who will volunteer their personal and credit cardinformation.

The latest attempt by identity theives to steal the personalinformation of ebay members hit my inbox earlier this week and Ihave to say, this one is pretty convincing. Even this old dog dida double-take before realizing that the identity thieves werephishing for my personal information again.

The sender of this email is listed as: eBay Member - rivernickand the email subject line reads: Question from ebay Member.

The email begins: "Question from eBay Member -- Respond Now. eBaysent this message on behalf of an eBay member via My Messages.Responses sent using email will not reach the ebay member. Usethe Respond Now button below to respond to this message."

Listen to me: DON'T TOUCH THAT BUTTON

Of course the email was NOT sent by an eBay member or sent viaebay's messaging system, as it appears.

The email then takes on a threatening tone.

It reads: "Question from rivernick: I'm still waiting payment formy item for about 7 days. What happened? Please mail me ASAP or Iwill report you to ebay."

The recipient is then prompted to respond to this ratherdisturbing email by clicking a "Respond Now." button.

Doing so will take you to a website designed to look like eBaywhere you will be prompted to login using your ebay user name andpassword.

Once you pass this point you will be asked to update your accountinformation before proceeding. Unknowing souls will offer notonly their ebay password, but personal and credit cardinformation, as well, without even knowing that they are about tohave their personal information stolen.

The one thing that makes this scam so effective is the threat bythe supposed eBay member to "report you to ebay."

The email preys on the fear of most eBay members that they are indanger of receiving negative feedback. Many ebayers would ratheryou cut off a pinky than leave them negative feedback. It is thisemotion that the new phishers are hoping to hook.

The phisher is betting that most people will either be horrifiedby the threat of being wrongly reported to ebay or they will beticked off that some jerk is threatening them by mistake.

Either way the phisher is counting on a percentage of people tohave a knee-jerk reaction and login to the fake ebay website hehas set up clear matters up.

I've yet to see what percentage of people who receive thesephishing emails fall for the scam, but if a phisher gets 1% ofrecipients to