[thelist] phony ebay scam? Security of info on the web (with tip)

Oren Levin lists at pinetree.net
Mon Feb 24 15:10:01 CST 2003


A quick check of cgi3.ebay.com looks ok
http://centralops.net/co/DomainDossier.vbs.asp?dom_whois=1&net_whois=1&dom_dns=1&addr=cgi3.ebay.com

The IP address is within their range of addresses. I'd second the email that
said the woman you talked to was incorrect.

If you look at cgi.ebay.com
(http://centralops.net/co/DomainDossier.vbs.asp?dom_whois=1&net_whois=1&dom_dns=1&addr=cgi.ebay.com)
you will see that it returns 2 IP addresses. My
guess is that eBay has a number of servers running their CGIs (given their
size, it's not unreasonable). I was able to look up records for cgi, cgi1,
cgi2, cgi3, cgi4, cgi5, and cg6. We do similar naming of our servers at
work.

My guess is that the script that generated the email your in-laws received
was misconfigured. Instead of cgi3.ebay it was supposed to write cgi.ebay.
Not a big deal in and of itself.

Oren
-----
Oren Levin, Web Developer
olevin at audible.com, 973.837.2811
Give the gift of audio - http://www.audible.com/giftcenter
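
Added example, not part of the original message: the check described above (is the link's host under ebay.com, and do its addresses fall inside the expected range) written as a small Python function. The netblock, the DNS answers, and the hosts cgi9.ebay.com and cgi3.ebay.com.example.net are constructed placeholders using documentation ranges; the post does not list eBay's real addresses.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed data: documentation address ranges stand in for eBay's real
# netblock and DNS answers, which the post does not list.
ASSUMED_NETBLOCKS = ["192.0.2.0/24"]
CONSTRUCTED_DNS = {
    "cgi.ebay.com": ["192.0.2.10", "192.0.2.11"],   # two A records, as described
    "cgi3.ebay.com": ["192.0.2.13"],
    "cgi9.ebay.com": ["203.0.113.7"],               # hypothetical stray record
}

def constructed_resolve(host):
    """Offline stand-in for a DNS lookup, backed by CONSTRUCTED_DNS."""
    if host not in CONSTRUCTED_DNS:
        raise OSError("no such host")
    return CONSTRUCTED_DNS[host]

def live_resolve(host):
    """Real lookup through the system resolver."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def check_link(url, domain, netblocks, resolve=live_resolve):
    """Return (ok, reason) for a link that claims to belong to `domain`."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    # Suffix match on a label boundary, so "ebay.com.example.net" fails.
    if host != domain and not host.endswith("." + domain):
        return False, f"{host!r} is not a host under {domain}"
    try:
        addrs = resolve(host)
    except OSError as exc:
        return False, f"{host} does not resolve ({exc})"
    nets = [ipaddress.ip_network(n) for n in netblocks]
    outside = [a for a in addrs
               if not any(ipaddress.ip_address(a) in n for n in nets)]
    if outside or not addrs:
        return False, f"{host} has addresses outside the expected range: {outside}"
    return True, f"{host} -> {', '.join(addrs)} (all inside the expected range)"

if __name__ == "__main__":
    for link in ("http://cgi3.ebay.com/", "http://cgi.ebay.com/",
                 "http://cgi9.ebay.com/", "http://cgi3.ebay.com.example.net/"):
        print(link, check_link(link, "ebay.com", ASSUMED_NETBLOCKS,
                               constructed_resolve))
```

Leaving out the `resolve` argument uses the system resolver; the netblock list then has to come from the whois record for the organisation being checked.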

-----Original Message-----
Ok,

I talked to ebay myself, and this is downright scary. Frankly, they
are downplaying this WAY too much for my liking. Apparently their
site is being spoofed, per the email I sent. They call this "spam"
email (funny they don't call it SCAM). And you are supposed to report
it to spam at ebay.com (I did).

I asked her about the email and she said it was fake, and that even
though I can sign in it's NOT their web site.

People - when I click their link - it picks up my username from my
computer - and it KNOWS MY REAL PASSWORD. When I told her this, she
said it is somehow approximating or spoofing their site - they don't
really know my PW. Yet if I enter a phony pw I can't get in.

She said they sent emails to all their members explaining this. Did I
get an email about this? NO. I'm an ebay member. She points me to
this link:

http://www2.ebay.com/aw/marketing.shtml

Read the first entry for the 23rd. This is their basic response to
it. Since the phony URL in the email has http://cgi3.ebay...
according to their page it must be a false site.

The whole time this lady didn't seem at all concerned about this
whole issue (and slightly confused too). I'm at work so I can't take
the time to wait for her boss or something, but I find this very very
odd...Is it just me? I have to wonder if my account is safe.

I definitely owe a tip so here is one:

<tip type="javascript debugging" author="pixelmech">

A big culprit in JS errors is object references. No matter how
correct your code is after you are referencing an object, you can't
do anything if the reference is wrong. So first, be careful that you
reference things correctly: use the DOM 0 forms/elements array for
forms and use names if you can.

Secondly, if you aren't sure if that's the problem, alert your object
reference like this:

myObj = document.forms["myform"];
alert(myObj);

And if myObj truly is the object you will get "[object]" in your
alert. If you get 'undefined' or something else, you've found your
problem.

</tip>

=====
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
http://www.pixelmech.com/
var me = tom.pixelmech.webDeveloper();

http://www.maccaws.com/
[Making A Commercial Case for Adopting Web Standards]
