
View Full Version : Is this a scam?


theredwave
03-11-2005, 06:49 PM
Just got this email from supposedly ebay. As far as I know I've never set up an account there before. Is this legit?

Update Your Account Information Within 24 Hours
Valued eBay Member,

According to our site policy you will have to confirm that you are the real owner of the eBay account by completing the following form or else your account will be suspended within 24 hours for investigations.

Never share your eBay password to anyone!

Establish your proof of identity with ID Verify (free of charge) - an easy way to help others trust you as their trading partner. The process takes about 5 minutes to complete and involves updating your eBay information. When you're successfully verified, you will receive an ID Verify icon in your feedback profile. Currently, the service is only available to residents of the United States and U.S. territories (Puerto Rico, US Virgin Islands and Guam.)

To update your eBay records >> Click here <

We appreciate your support and understanding, as we work together to keep eBay a safe place to trade.
Thank you for your patience in this matter.

Trust and Safety Department
eBay Inc.

Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.

Note : Ignoring this message will cause the Suspension of your account . To reactivate it you will have to pay a fee of 350 $ .

Copyright 1995-2005 eBay Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy. Designated trademarks and brands are the property of their respective owners. eBay and the eBay logo are trademarks of eBay Inc. eBay is located at 2145 Hamilton Avenue, San Jose, CA 95125.

nolanfan34
03-11-2005, 06:50 PM
Yes, that is a scam. Go to eBay's home page, they have a link somewhere talking about these scam e-mails.

theredwave
03-11-2005, 06:52 PM
Alright, thanks. I've gotten a few of these emails before and never knew what to do.

nolanfan34
03-11-2005, 06:55 PM
[ QUOTE ]
Alright, thanks. I've gotten a few of these emails before and never knew what to do.

[/ QUOTE ]

I just found this link, I guess there is a way to report these:

http://pages.ebay.com/education/spooftutorial/

Ianco15
03-11-2005, 06:56 PM
[ QUOTE ]
Note : Ignoring this message will cause the Suspension of your account . To reactivate it you will have to pay a fee of 350 $ .

[/ QUOTE ]

eBay accounts are free to have. This is a red flag that it is a scam.

siccjay
03-11-2005, 06:57 PM
mail to spoof@ebay.com

Vince Young
03-11-2005, 07:13 PM
[ QUOTE ]
[ QUOTE ]
Alright, thanks. I've gotten a few of these emails before and never knew what to do.

[/ QUOTE ]

I just found this link, I guess there is a way to report these:

http://pages.ebay.com/education/spooftutorial/

[/ QUOTE ]
"The "From" field of an email can easily be altered - it is not a reliable indicator of the true origin of the email."

How?

theredwave
03-11-2005, 07:16 PM
I already deleted it, but next time I'll remember to do that. Thanks for the warning though.

JackWilson
03-11-2005, 07:53 PM
People have been over this before, but just to reiterate:

1) You'll always be addressed by "valued member" or "dear customer" or something else whereas the real company would address you by your real name.
2) There will always be a link to an external site in the text, usually disguised by having a tag like "https://www.ebay.com/login" when in reality (you can usually see this in the status bar at the bottom of your browser) it usually points to something like http://193.21.67.182. Additionally, if it points to an address like https://www.ebay.com/login-w8grHGAkdj>jd7788<Accountlogin-w8grHGAkdj>jd7788<AccountMaintenace-4957725-s5982ut-aw-ebayconfirm-secure-@whateverelse be AWARE that your browser will actually take you to the address that follows the @ operator, so in actual fact it could have been preceded by anything.

One way to check if the mail actually came from the address listed in the from field is to examine the headers. In Outlook this can be done by right-clicking on the mail, selecting options. Now check to see that the Return Path (listed at the top) matches an address from the first received field.

E.g
Return-Path: <events@pokerstars.com>
...
(the 1st return field is halfway down)
Received: from localhost (localhost [127.0.0.1])
by mail3.pokerstars.com (Postfix) with SMTP id 9180A144DDC

Here you can clearly see it originated from the pokerstars mail server. This can be used to detect some spoofing attempts, although it is possible to fake all the header information.

Bottom line is, never follow any links in emails. Just go to the site itself and navigate from there.

JackWilson
03-11-2005, 08:06 PM
[ QUOTE ]
"The "From" field of an email can easily be altered - it is not a reliable indicator of the true origin of the email."

How?

[/ QUOTE ]

I don't think I should tell you exactly how since you'd be tempted to try it.

Anyway, the basics:

You need to connect to a mail server on port 25 (SMTP). This is done through telnet. After connecting there might be some form of "protocol" (not to be confused with the computer term protocol) such as typing HELO.

Now the part where I'm gonna get vague because I think it's best

You would use this like a command line email client. You manually type in all the fields and so on. The thing is, you can put any address in the from field. Why? I guess it has some legitimate uses for users with aliases.

This is all made possible by the fact that the SMTP daemon does not authenticate users, i.e. when you connect to the mail server you don't have to log in. EDIT: for clarification, almost all servers nowadays require use of a secure connection for actually sending mail.

(And yeah, to people who know their stuff, I am aware that this explanation leaves out some very important details)