Crap! I totally just got phished! This was sitting in my inbox this morning...
Normally I would have just ignored this email, but I happen to have an auction on eBay right now so I just clicked the "Respond Now" link without a second thought. As soon as I signed in [even before realizing that the message wasn't in my message folder] I thought "oh shit, what did I just do?"
Yep, sure enough. The hyperlink in the email went to http://62.48.234.67/ebay.com/eBayISAPI.dll...&favoritena.htm [hyperlink removed for your safety]. Notice the IP address [62.48.234.67] before "ebay.com" which actually sent me to some other website/server out there on the wild, wild web. A site that I'm sure logged my eBay username and password. Fuck. This stuff just pisses me off.
Here's a catch for ya... I was using IE7 on a machine where I had turned off the Phishing Filter. I checked the URL on another machine where the phishing filter is turned on and sure enough, IE7 caught it.
If I had been using my normal PC, I would have been warned by IE7 and wouldn't have had anything else to worry about. Luckily I realized my error and changed my password immediately after opening up a new browser and navigating directly to http://www.ebay.com/.
A suggestion... I highly recommend that you turn the Phishing Filter on if you're using Internet Explorer 7! It's easy. Go to Tools, then Phishing Filter and select "Turn On Automatic Website Checking..."
It just goes to show that phishing and social engineering tactics can work on anyone, even experienced, security-minded users like myself. [groan]
~tod
tags: phishing, ebay, social+engineering, ie7, internet+explorer, phishing+filter
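The tell in the link above is that "ebay.com" sits in the path while the host is a bare IP address. The following is an added example, not part of the original post, that applies that check to a link before it is trusted; it also covers two closely related disguises (the trusted name in the userinfo or as a prefix of another hostname). The function name `check_link` and the sample URLs are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit


def check_link(url, expected_domain="ebay.com"):
    """Return the reasons a link does NOT really lead to expected_domain.

    An empty list means the host is expected_domain or one of its subdomains.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    expected = expected_domain.lower()
    reasons = []

    # Only the host decides which server the browser contacts.
    if host == expected or host.endswith("." + expected):
        return reasons

    try:
        ipaddress.ip_address(host)
        reasons.append("host is a raw IP address")
    except ValueError:
        reasons.append("host is not %s or a subdomain of it" % expected)

    # The trusted name appearing anywhere else in the URL is decoration.
    if expected in host:
        reasons.append("trusted name is only part of another hostname")
    if expected in (parts.username or "").lower():
        reasons.append("trusted name is in the userinfo before '@'")
    if expected in (parts.path + "?" + parts.query).lower():
        reasons.append("trusted name is in the path or query, not the host")
    return reasons


# Constructed sample links; 192.0.2.10 is a documentation-only address.
SAMPLES = [
    "http://www.ebay.com/",
    "http://192.0.2.10/ebay.com/eBayISAPI.dll?SignIn",
    "http://ebay.com@192.0.2.10/",
    "http://ebay.com.example.net/signin",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", check_link(url) or "host matches")
```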