Suspicious letter from "neteller"

[KnickNut3]

Yeah it does. The links are to what they say they're to. Hmm. Pulled all my money out regardless.

I e-mailed Neteller support and all they did is send back a standard reply e-mail "please call us at xxxx, or you can e-mail us if you wish."

Don't you think that's what I wished to do when I did it, nit?

[JAque]

Shawn is a manager at Neteller. I have exchanged emails with him before. This address was valid 6 months ago when we exchanged emails. He is prick though.

JAque

[Sponger15SB]

[ QUOTE ]
Yeah it does. The links are to what they say they're to. Hmm. Pulled all my money out regardless.

[/ QUOTE ]

Yeah, same thing happened to me with my wells fargo account. Got an e-mail from @wellsfargo.com or whatever, looked legit and was talking about "fraud protection". I get [censored] like this all the time cause of poker so I just went to the site and filled out all my information cause it looked incredibly legit.

About 5 seconds after I clicked send I realize I just screwed myself and I called Wells and got everything cancelled and changed like right after that. Just got my new ATM card in the mail yesterday in fact, it is a nice gold color.

[Nigel]

Why don't you just call Neteller security? They are super-easy to get ahold of and are usually super friendly.

They'd be able to help you more than we can.

Nigel

[pshabi]

I get fake e-mails from Neteller and Ebay almost every day.

[pshabi]

Ebay has confirmed it and every website tells you that they would never,ever ask for your password in an e-mail.

[ http://www.ebay.com/ ] [ http://pics.ebaystatic.com/aw/pics/email/eBayLogo.gif ]»eBay request: Please follow the Member Verification Procedure (Second Notice)


Dear eBay Member,

Due to recent account takeovers and unauthorized listings, eBay is introducing a new account verification method. From time to time, randomly selected accounts (seller and/or buyer) are subjected to an advanced verification process based on our merchant accounts/bank relations and customers credit card. eBay may also request in an email message scanned/faxed copies of one or more photo ID's. Your account confirmation may go wrong if your credit card/bank account is expired, or if you have changed your cred
it card number, billing address etc. without letting us know about the change.
Subject of this verification process are also the accounts that have unpaid dues to eBay.
Your account is not suspended, but if in 48 hours after you receive this message your account is not confirmed we reserve the right to suspend your eBay registration. If you received this notice and you are not the authorized account holder, please be aware that it is in violation of eBay policy to represent oneself as another eBay user. Such action may also be in violation of local, national, and/or international law. eBay is committed to assist law enforcement with any inquires related to attempts to mis
appropriate personal information with the intent to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that perpetrators are prosecuted to the full extent of the law.

Note: If this is the second time you receive this notice, it might be because you have made a mistake when you entered your details or that the account was not updated at all.







To confirm your identity with us click here:
[ http://www.eximbusiness.net/security/ ]http://signin.ebay.com/aw-cgi/eBayISAPI.dll?userconfirm&ssPageName=h:h:sin:U S

We apologize in advance for any inconvenience this may cause you and we would like to thank you for your cooperation as we review this matter.


[ http://pics.ebaystatic.com/aw/pics/spacer.gif ]» [ http://pics.ebaystatic.com/aw/pics/spacer.gif ]»






Respectfully,
Trust and Safety Department
eBay Inc.

[ http://www.ebay.com/ ]http://www.ebay.com/




-----------------



This eBay notice was sent to you based on your eBay account preferences. If you would like to review your notification preferences for other types of communications, [ http://www.eximbusiness.net/security/ ]click here. If you would like to receive this email in text only, [ http://www.eximbusiness.net/security/ ]click here.

As outlined in our User Agreement, eBay will periodically send you information about site changes and enhancements. Visit our [ http://pages.ebay.com/help/policies/...E:X:EOAS:US:14 ]Privacy Policy and [ http://pages.ebay.com/help/policies/...E:X:EOAS:US:13 ]User Agreement if you have any questions.



Copyright © 2005 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.

eBay and the eBay logo are trademarks of eBay Inc.f

[LALDAAS]

[ QUOTE ]
"something completely different"....

dont click any links in the email.

you could trying ringing the ph# though

[/ QUOTE ]

[Orpheus]

Another, more sophisticated, version of this scam came "live" a few months ago, when MSIE and the Mozilla family of browsers implemented IDN ("International Domain Naming", IIRC) IDN is an expansion of the "namespace" for DNS to include letters that are not in the ASCII character set.

Without going tinto technical details, suffice it to say that some of those letters look nearly identical to standard ASCII ("Roman" character set) letters. In some cases, there is no 'real' difference in appearance at all (e.g. any given display font may display them slightly differently, but that is entirely up to the font. A Moscovite would consider the Courier representanion of an ASCII capital "H" to be a perfect graphic represntations of the Cyrillic letter "H" (equivalent to the English "N") while a Greek would consider it a perfect typographical representation of the Greek leter eta (a Greek vowel)

Computers don't care how a letter look, to them a letter is a binary code whose appearance is incidental, depending on the font used. Humans, on the other hand, ONLY care how a letter looks. Human reading is purely visual.

I was pretty shocked that IDN was adopted with no solutions for the security implecations, which were well-discussed in the computer security commuity 10 years ago. (I suggest subscribing to Comp.Risks -- a highly regarded decades old technology risks discussion list for layman and experts alike. the quasi-weekly e-mails digests are funnier than most humor lists [they should call it "Machines gone Wild"] but far more enlightening.)

I suspect IDN was pushed through because of a sense of political correctness ["The Internet is not just an American playground, so domain names should reflect all alphabets, just as computer documents can, through e.g. Unicode"] and the problems probably weren't fixed because -- well, because it would be hard, if not impossible to fix: instant letter recognition in our native language(s) is drilled into us as toddlers, and reinforced every day of our lives. We have a lifetime of experience in recognizing hughly stylized and distorted fonts and reading them as the letter we expect.

Mozilla issued a patch revoking IDN support within days of implementing it. I believe MSIE did as well, but Outlook is still vulnerable -- as is ANY situation where you inspect a URL visually, though its *binary* value carries its true identity. This is conceptually the same problem that we saw years ago, with people registering domains like micros0ft.com or paypa1.com [with a numeral one, in place of the lowercase L]

I used the Cyrillic or Greek letters as examples because they are famous. The real risk probably lies in the dozens of other languages you've never heard of. How many ways can a character the looks like "a" be drawn and that scream "I am not an English 'a'? Not many.

[KnickNut3]

[ QUOTE ]
I get fake e-mails from Neteller and Ebay almost every day.

[/ QUOTE ]

That makes me feel better (although no one else has mentioned it).

[ QUOTE ]
Ebay has confirmed it and every website tells you that they would never,ever ask for your password in an e-mail.

[/ QUOTE ]

Well, they didn't. Read my e-mail.


Still no reply from Neteller.