Press Releases

Browse our press release archive

12 Aug 2005

Phishers use wheelchair-bound old lady to target eBay Good Samaritans, Sophos reports

Message from 87-year-old woman is a ruse to steal money

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned users about a new phishing campaign which pretends to be a message from a wheelchair-bound old lady who is having difficulty using the popular eBay auction website. However, if recipients respond they risk passing their confidential login details and password to a criminal gang.

The emails, which claim to come via eBay from someone called Greta, claim that the 87-year-old woman placed a bid for a wheelchair, but can no longer find the online auction. Sophos believes that some users may think the email is genuine, and click on the "Respond now" button to answer the lady's question. However, doing so takes the user to a bogus website pretending to be eBay where their login names and passwords will be stolen.

The email looks as though it has been sent via eBay

The email looks as thought it has been sent via eBay, but clicking on "Respond now" takes recipients to a bogus website which will steal usernames and passwords.

The text of the email reads as follows:


I recently placed a bid on item#5600846099 being a wheelchair for me that i really need do to my age(87 years old) and it seems that i can not find the auction anymore... May i please know if you are the seller of the item above?


"This phishing attack is targeting Good Samaritans, who will think they are helping an elderly lady with her online auction. Even if people click on the link to reply that they are unable to help the woman, they are handing their confidential login details to hackers," said Graham Cluley, senior technology consultant at Sophos. "There seems to be no depths to which phishers, virus writers and criminal hackers are not prepared to stoop to steal money from innocent people. Everyone should exercise caution when dealing with unsolicited and unexpected email, and ensure they have a consolidated anti-spam and anti-spyware solution in place."

Sophos believes that the phishers are appealing to the better nature of their potential victims, in the hope that it will increase their chances of success.

"In the past phishing commonly tried to get users to log into a bogus website to reconfirm their details, or pick up a security message. This technique of targeting the public's desire to show generosity and help others is a sign that the older tricks are proving less effective because of their over-use," continued Cluley. "We should not be surprised if the phishing gangs continue to innovate in the psychological stings they use to fill their pockets with other peoples' cash."

Sophos recommends companies protect themselves with a consolidated solution which can defend businesses from the threats of both spam and viruses; and that users do not open or reply to unsolicited emails.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at