Account Verification

Dear eBay user,

During our regular update and verification of the accounts, we couldn’t verify your account
information. Eighter your information has changed or it is incomplete.

As a result, your access to bid or buy on eBay has been restricted. To continue using your
eBay account fully, please update and verify your information by clicking below:

https://scgi.ebay.com/
saw-cgi/eBayISAPI.dll?V
erifyInform
ation

If your update will not be completed in 5 days, your account will be removed.

We apologize for disturbing you with
this message, but we appreciate your efforts in
helping keep eBay a safe trading place.
Thank you for understanding.

Regards,
eBay SafeHarbor
Verification Accounts Team

Please Do Not Reply To This E-Mail. You Will Not Receive A Response

Who are you? Are you really eBay?

Regards,

Mark Wilson

<image.tiff>

Mark Wilson wrote:

Who are you? Are you really eBay?

If they are, maybe they should check to see if anyone is auctioning off
a dictionary since they misspelled “either” at the beginning of the
second sentence

Or as Mark probably suspects, it’s just the scam described in this story
at snopes.com:

 http://www.snopes.com/inboxer/scams/ebay.asp

Cheers,

Lyle

It’s pretty obviously a scam. Always check the actual URL (split
for readability):

https://scgi.ebay.com/ saw-cgi/eBayISAPI.dll?V erifyInform ation

It’s a somewhat evil trick. Actually, three going on here. Note the
scgi.ebay.com:blah@69.49.246.84… a common trick to “fake” a URL,
using username:password@host syntax. Combine that with printing the
fake URL as the text of the link for a sense of safety, as well as
some Javascript to even fake the mouseover, and you might even convice
a lot of people.

Like you said, the obvious misspellings don’t do a lot for credibility
though, and spamassassin caught some other things in the headers.