Ebay Billing Scam
One new variation on the phishing scam is the Ebay Card on File Declined scam. It's a clever trick, as many people aren't even aware of what credit or debit card they use to pay their Ebay fees, and it is possible that a card might have expired.
How It WorksYou receive an e-mail with the heading "Ebay Card on File Declined," that reads as below:
We are writing to alert you that your balance is not paid, because yourcredir/dibit card company declined eBay's attempt to charge your monthlyinvoice amount to your credit/debit card.
Your payment is due by your next invoice date.
To speed up this process, you are required to place other credit/debitagainst the account registration data we have on file.
Place or update credit/debit card on file here.
As a courtesy, eBay will automatically make a second attempt to chargeyour card. This attempt will take place in about 3 to 5 business days.
As a reminder, past due accounts may be restricted from buying orselling until payment is received.
If you're a regular Ebay user, that's a cause for concern. Even if you use it occasionally, it should worry you, as charges are only made to your card when you sell items through the auction service, and you wonder if someone has hijacked your account.
The mail will alert you that your balance is unpaid because your card has been declined, although no reason is given. What the mail desires is that you click on a link to place another card on file. However, the link doesn't connect you to EBay at all; instead it's run by the scammers, who then have your credit card information. That can be used either to run up bills on your card or as the basis for identity theft.
How To Avoid The ScamThere will be several hints in the e-mail that it's not genuine. First of all, it won't use your Ebay identification, but will address you by your e-mail address, something Ebay would never do.
Secondly, look for typos in the mail. Debit might be spelt "dibit," for example, or credit as "credir" - neither of which would pass even a basic spell check! There are rumours that these errors are inserted deliberately by poorly-paid employees of the scammers to act as tip-offs, since many of these schemes originate in countries where English isn't the first language.Lastly, never click on the link. If you hold your mouse over it, in the bottom left of your screen you'll find the true link displayed - it's simply been disguised to trick you.
If you receive a mail like this, you can either delete it or forward to the Fraud division at Ebay (firstname.lastname@example.org), who will investigate further.
What To Do If You're A VictimIf you've given over credit card information in this scam, you should contact your credit card company immediately. You will only be responsible for a small amount, or possibly even nothing, if you report it quickly.
You should also contact the credit reference agencies, such as Equifax, and have them place a fraud alert on your account. Obtain a copy of your credit file (it only costs £2) and look for any unusual activity, or accounts that might have recently been opened without your knowledge. Challenge in writing anything that seems suspicious.
Keep copies of all correspondence relating to the incident. Also contact Ebay and inform them what has happened and ask to be issued with a new ID.