Toyspeed.org.nz Message Board

[MrOizo]

Looks ecaxtly like a Mail from TM but the site that gets you to login is the URL:

http://trademe.servehttp.com/Login_aspx.htm

This is an automated email regarding listing reference: 64307169

A trademe.co.nz member has asked a question on your auction(s).

Hi there, can I have your phone number ? Or let me know if you received my other email. bye posted by:maori_with_guns (23 ) 8:04 am, Fri 04 Aug

click here

[Adydas]

I had an email from that user to..
Odd shit

[BlakJak]

Yeah, the admin team got a copy as well. Definately a fake.

[Akane]

I logged in, it's sweet as, I don't see what the big problem is

[matt dunn]

Anyone emailed it to trademe?

[Adamal]

I logged in with definatly fake crudentials as well. That worked too!

[BlakJak]

I've sent a copy to Trademe.

Details @ http://www.blakjak.net/node/548

[RedMist]

Its a phishing scam.

IE www.servehttp.com which is http://www.no-ip.com/

[MrOizo]

Anyone emailed it to trademe?

yip i emailed the details to TM - got a reply that that guys listings had been withdrawn.

By the look for the guys Q&A on his auction he didnt have any idea hat was going on!

[MrOizo]

I logged in with definatly fake crudentials as well. That worked too!

yip yip i logged in with a few commens to the person trying to fool everyone too.

just typing out sentences telling him/her where to stick it

[Dell'Orto]

So did I, but then I also got an email from TM this afternoon saying my account has been suspended due to someone gaining unauthorised access uber gaymax

[Adydas]

wtf.. maybe its a trademe staff member running the scam..

But what excatly would hte gain,. i mean break into a persons bank get there cash.. break into there trade me and give some other peple bad feedback.. Or buy him self some HKS Decals on your account and not pay.

I mean talk about hardcore!!!

[BlakJak]

Trademe employees would have better things to do than set up a webserver in Romania for the purpose of harvesting details that are physically in the same building that they probably work in !

I've put some legwork into dealing with the source of the emails, which unfortunately doesnt take care of the webhost running the scam itself - however, one thing at a time. (One assumes Trademe will do that anyway. But its the weekend. So nothing will get done till Monday...)

BJ.

[RedMist]

wtf.. maybe its a trademe staff member running the scam..

But what excatly would hte gain,. i mean break into a persons bank get there cash.. break into there trade me and give some other peple bad feedback.. Or buy him self some HKS Decals on your account and not pay.

I mean talk about hardcore!!!

They either recieve other peoples bank details from a sale and then hack their accounts or they sell stuff they have no intension of shipping. IE they get money for nothing using your feedback as credentials.

[Adydas]

perhaps people took me more seriously than i expected.

[Adamal]

Its been taken down now anyway.

[Santa'sBoostinSleigh]

i got that too, random

[BlakJak]

Pleased to report:

- the fraudulent host has had its DNS suspended

- The ISP hosting the mailout has been contacted, and the mail traffic itself should stop in the next 24 hours.

[DJ]

I got it also, I clicked the question dumbly enough but dont think its done anything.

[MrOizo]

Scammer targets Trade Me

Monday August 7, 2006


About 150 customers of internet auction site Trade Me were duped into responding to a phishing scam by cyber criminals trying to steal their identities.

Trade Me business manager Mike O'Donnell said the scam was a "somewhat shoddy attempt but a good lesson to everybody that Trade Me will never ask you for your personal details by email".

Contrary to some reports, staff did not have to shut down the site but the scam did force them to close some customers' accounts, he said.

Mr O'Donnell said a "nasty piece of work" in Romania on Friday night set up a login page which looked like the Trade Me login page.

The people behind the scam put it on a reputable overseas website - which was not aware of the scam - and then sent a phishing email to a bulk list of emails, he said.

Mr O'Donnell said staff still did not know how the email list was obtained.

The phoney site asked customers to click on a link and provide their details.

"Phishing is not uncommon on the internet and this was a pretty shoddy attempt," he said.

Mr O'Donnell said there were several factors that would have made people aware of the scam.

"First the name 'Maori-with-guns', secondly the person had an overseas email address and lastly he wanted people to pay him offshore via a wire service, which is against our rules." Just over 150 people were "duped into responding" but the Trade Me compliance team managed to intercept about 95 per cent of those emails so the scammer never received them, he said.

"About eight people he did take in and tried to steal their identities but we were able to close down all their accounts and reset them."

The fraudulent site was closed yesterday morning, he said.

Mr O'Donnell said the scam was essentially a numbers game.

"If you send out enough emails, you will get people who respond."

He said the compliance team had "done a great job" in the handling of the situation. "It's fantastic to get a result that no one has lost out in terms of money."

- NZPA

There is a good point in this article. how were the email address list compiled? might have been some one in TM that sold it or was it just a random send to people in NZ?