eBay to close on 27 February? Phishers try and lure victims with bogus vote email

Sophos Press Release

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded computer users to be wary of phishing scams following the discovery of a scam that tries to steal usernames and passwords off eBay users by claiming the giant auction website will close for business on 27 February.

The emails claim that eBay has decided to shut down its business at the end of next month, and is asking users to vote on whether they disagree with the decision. The email claims that 50% of eBay members are required to say that they want eBay to stay open, otherwise it will be closed permanently.

The email reads:

Dear eBay Community:

We have decided to close eBay on 27 February 2007 due to the repeatedly abuses on our company. We ask your opinion on this matter and we want to know if you agree with us or disagree .Below you can make your choice.

If you want eBay to stay open click YES otherwise click NO .Your opinion is very important to us. If 50% of the eBay members vote positive eBay stays open otherwise it will be closed.

eBay Team

However, clicking on either of the links takes the user to a phishing website which poses as eBay, and is designed to steal usernames and passwords from users. Sophos has determined that the phishing website is hosted on a hacked server belonging to a UK legal company.

"It's unlikely that anyone would really believe that such a successful website as eBay is considering shutting its doors for business, but they might think it is a teaser campaign by the auction giant for some other kind of promotion," said Graham Cluley, senior technology consultant for Sophos. "This isn't the most sophisticated phishing campaign in the world, but it could still result in the unwary handing their account details over to hackers who could then use them to make fraudulent purchases and commit other identity crimes."

Last year Sophos revealed that over 75% of all phishing emails were targeted at customers of eBay and PayPal.

eBay, like Sophos, is a member of the Anti-Phishing Working Group (APWG), an organization dedicated to wiping out internet scams and fraud. eBay has published tutorials on how to spot phishing emails on its website:

Sophos continues to recommend that all organizations protect their email with an integrated security solution to thwart spam, spyware and malware threats.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.