Is there any option to eBay for online auctions?

I have also received numerous scams emails. Initially, when I was not
sure about those from 'ebay', and before they were filtered out by my
ISP, I would right click, select properites, and look a bit, or simple
forward the email to . I figured that if it were real,
they would email me back and say so. But I *always* got immediate
replay 1: "we are investigating" and later reply 2: "not from us".

Ditto for some from paypal and a few other places I had dealings with.

On Mon, 08 Dec 2008 20:00:54 -0500, "Nick Knight"
wrote:

In , on
12/08/2008
at 10:16 AM, Milco said:

When You reply to this mail, one independent software "grabbed" Your
address and used it to spread spam and other "garbage" - normally -
because it was lot-lot of spam from Your "stolen" address delivered to
others accounts, juno.com automatically suspended Your account just to
prevent further "shipment" of this spam.

Odd that they would email him in the first place, to steal his email
address, isn't it?

You don't even need a valid sender's email address to send any email. I can
send an email now from " and the mail system would be
quite happy with it. So, I'm not so sure why anyone, particularly spammers,
would go to such trouble. I'm sure there is some logic behind it,
somewhere.

I'd be more worried about clicking on the email's links and logging into
something. If they get access to his eBay account, or worse, paypal,
there's more trouble brewing than being kicked off of juno.

Would they be clever enough to shut down his email access so as to have more
time with a hacked account? It's hard to tell you've been hacked if you
don't have internet access. But then, he's posting here, so that isn't the
issue.

He could be in another user's e-mail contact list. Some malware /
adware hijacks the mail system and sends out crap to people and they
don't even know it.

On Tue, 09 Dec 2008 07:53:56 -0800, Sir F. A. Rien
wrote:

found these unused words:

On Mon, 08 Dec 2008 20:00:54 -0500, "Nick Knight"
wrote:

In , on
12/08/2008
at 10:16 AM, Milco said:

When You reply to this mail, one independent software "grabbed" Your
address and used it to spread spam and other "garbage" - normally -
because it was lot-lot of spam from Your "stolen" address delivered to
others accounts, juno.com automatically suspended Your account just to
prevent further "shipment" of this spam.

Odd that they would email him in the first place, to steal his email
address, isn't it?

Usually the 'reply' location requires a password 'for your added security
and verification'. That's when they can abuse the account.

You don't even need a valid sender's email address to send any email. I can
send an email now from " and the mail system would be
quite happy with it. So, I'm not so sure why anyone, particularly spammers,
would go to such trouble. I'm sure there is some logic behind it,
somewhere.

That's only your ISP - many ISP's run a routine to see that the email is
being sent from a PAID user and they they have logged in to send. The
password may be automated, as with Thunderbird settings, but ...!

I'd be more worried about clicking on the email's links and logging into
something. If they get access to his eBay account, or worse, paypal,
there's more trouble brewing than being kicked off of juno.

They can do that if the 'clueless one' follows their 'verification'
proceedure without noting that it's a scam.

Would they be clever enough to shut down his email access so as to have more
time with a hacked account? It's hard to tell you've been hacked if you
don't have internet access. But then, he's posting here, so that isn't the
issue.

You don't need an email account to post in a newsgroup. It's a different
procedure and uses a different 'port' and address.

He could be in another user's e-mail contact list. Some malware /
adware hijacks the mail system and sends out crap to people and they
don't even know it.

Often some idiot sends out a 'broadcast' [multiple TO:] names and some other
idiot has the virus and all emails are grabbed!

Didn't I just say that? BTW, I didn't say the rest above. That was
someone else.

If you MUST send a bulk, use "BCC:" [Blind Carbon Copy]. No one sees the
addressees!

Uh, yeah - I know that already. Thanks for the reminder! :^P

In , on 12/09/2008
at 07:53 AM, Sir F. A. Rien said:

You don't need an email account to post in a newsgroup. It's a different
procedure and uses a different 'port' and address.

Thanks. Having plenty of experience actually writing newsreaders and email
clients, I knew that.

But you don't have to use a valid email address in your headers to send an
email. All you need is a login, and the headers for an email are left to
the creative person.

Now, if they somehow acquired his email login and they've spammed from his
account, that's one thing. But to use his email address (or anyone's, or a
made up email) as the "from" in any email address I'd bet 99% of all ISP's
would let it happen. This is actually a Good Thing in many business cases.

Now, how would a spoof of an eBay mail manage to acquire someone's email
account password? It's still not making sense to me ... mostly the
email-oriented motivation behind such a potential spoof.

Nick

On Tue, 09 Dec 2008 18:36:46 -0500, "Nick Knight"
wrote:

In , on 12/09/2008
at 07:53 AM, Sir F. A. Rien said:

You don't need an email account to post in a newsgroup. It's a different
procedure and uses a different 'port' and address.

Thanks. Having plenty of experience actually writing newsreaders and email
clients, I knew that.

But you don't have to use a valid email address in your headers to send an
email. All you need is a login, and the headers for an email are left to
the creative person.

Now, if they somehow acquired his email login and they've spammed from his
account, that's one thing. But to use his email address (or anyone's, or a
made up email) as the "from" in any email address I'd bet 99% of all ISP's
would let it happen. This is actually a Good Thing in many business cases.

Now, how would a spoof of an eBay mail manage to acquire someone's email
account password? It's still not making sense to me ... mostly the
email-oriented motivation behind such a potential spoof.

OK. Say Reader "A" gets a spoof e-mail. Opens it up and does what it
asks. Yes, not all e-mail users are techno-savvy and will do these
things, irregardless of being a user of eBay or not. (The "duh"
factor, or some such.)

This, in turn activates a script which determines which e-mail program
it is and then proceeds the harvest e-mail addresses.

When the harvesting is finished, a form based e-mail can be sent to
those selected - or all - of the e-mail accounts harvested.

Most of these spoof e-mails are housed on obscure (but not always) web
servers and sometimes the trail is visible. I know for a fact that I
have helped remove a few of the usual suspects from the eBay roles
because of said detective work. I have noticed that their accounts
were removed shortly after reporting them. Whether or not they
nym-changed and went back to work elsewhere is unknown.

All the malware sender has to do is get the "duh" user to log into
their very own version of an eBay log on screen. Yes, indeedy!

My brother fell for this after repeated attempts to tell him to ignore
those e-mails. Someone hijacked his account, set up a sale of a jeep
(truck) and had an opening bid of .01 ... Fortunately, I caught on
within the same day and got him out of a jam.

Yes - "duh" happens...

In , on 12/10/2008
at 08:50 AM, Sir F. A. Rien said:

A quick glance and the reader thinks "eBay", but it's not. Then they reply
and are met with a faked 'login' page. They sign in and ... !

The critical part is:

saw-cgi/eBayISAPI.dll

which invokes a program to capture your entered password.

Sure. None of this is new news. But I'm still waiting for someone to tell
me, based on the order of events that the original poster stated, how a fake
email from eBay (which seemed to occur first) turned into a spamming event,
and if in fact the fellow's eBay account was compromised, why would anyone
even care about the spam issue? Why would his ISP care to the point of
canning him?

It would of helped if the OP would have actually filled in the dangle ...
"it's come to our attention that you..."

YOU WHAT???????!!!!!!!!!

Your ISP will not can you for losing control of your eBay account. Well,
unless a ton of bogus transactions have transpired. That would take some
time to occur and to be uncovered and eBay would be the police in that case.
We've received no report of that. So, we've all assumed it's because
someone spammed with his email address. Well, *I* can spam with his email
address, and he wouldn't get in trouble. I might. I can't imagine any ISP
acting without actually seeing an example header and noting from wherest it
came. So, it would seem that logic points to someone using his email login
to spam via his account (given the limited info we've been given). And
there remains the question: How does a hacker acquire access to his email
account by spoofing an eBay message?

He reported being dumped by his ISP. Not losing control of his eBay
account. So, I'll assume until otherwise corrected that that isn't what
happened.

The best fitting scenario to date is that his contact list was used to spam
folks. Was the OP using Outlook? That's the popular target for these kinds
of hacks.

I'm going to quit speculating myself, and even better, quit reading all of
the dot-connecting that others are doing, whether dots are there or not.
Perhaps the OP will graciously report in and offer up what exactly his ISP
has accused him of doing. And let us know if he is still in control of his
eBay account with no strange transactions present.

Nick

On Wed, 10 Dec 2008 08:38:44 -0800, Sir F. A. Rien
wrote:

found these unused words:

On Tue, 09 Dec 2008 07:53:56 -0800, Sir F. A. Rien
wrote:

found these unused words:

On Mon, 08 Dec 2008 20:00:54 -0500, "Nick Knight"
wrote:

In , on
12/08/2008
at 10:16 AM, Milco said:

When You reply to this mail, one independent software "grabbed" Your
address and used it to spread spam and other "garbage" - normally -
because it was lot-lot of spam from Your "stolen" address delivered to
others accounts, juno.com automatically suspended Your account just to
prevent further "shipment" of this spam.

Odd that they would email him in the first place, to steal his email
address, isn't it?

Usually the 'reply' location requires a password 'for your added security
and verification'. That's when they can abuse the account.

You don't even need a valid sender's email address to send any email. I can
send an email now from " and the mail system would be
quite happy with it. So, I'm not so sure why anyone, particularly spammers,
would go to such trouble. I'm sure there is some logic behind it,
somewhere.

That's only your ISP - many ISP's run a routine to see that the email is
being sent from a PAID user and they they have logged in to send. The
password may be automated, as with Thunderbird settings, but ...!

I'd be more worried about clicking on the email's links and logging into
something. If they get access to his eBay account, or worse, paypal,
there's more trouble brewing than being kicked off of juno.

They can do that if the 'clueless one' follows their 'verification'
proceedure without noting that it's a scam.

Would they be clever enough to shut down his email access so as to have more
time with a hacked account? It's hard to tell you've been hacked if you
don't have internet access. But then, he's posting here, so that isn't the
issue.

You don't need an email account to post in a newsgroup. It's a different
procedure and uses a different 'port' and address.

He could be in another user's e-mail contact list. Some malware /
adware hijacks the mail system and sends out crap to people and they
don't even know it.

Often some idiot sends out a 'broadcast' [multiple TO:] names and some other
idiot has the virus and all emails are grabbed!

Didn't I just say that? BTW, I didn't say the rest above. That was
someone else.

Not really, there are viruses that send 'back' the address book [contact
list] directly from Missie through one of many MS holes.

I was specifically referring to 'bulk' email [ multiple recipients] where
the names were gathered not from the sender's machine, but from an infected
recipient.

I think I just said that. Thanks for not agreeing. :^)

On Wed, 10 Dec 2008 19:25:59 -0500, "Nick Knight"
wrote:

In , on 12/10/2008
at 08:50 AM, Sir F. A. Rien said:

A quick glance and the reader thinks "eBay", but it's not. Then they reply
and are met with a faked 'login' page. They sign in and ... !

The critical part is:

saw-cgi/eBayISAPI.dll

which invokes a program to capture your entered password.

Sure. None of this is new news. But I'm still waiting for someone to tell
me, based on the order of events that the original poster stated, how a fake
email from eBay (which seemed to occur first) turned into a spamming event,
and if in fact the fellow's eBay account was compromised, why would anyone
even care about the spam issue? Why would his ISP care to the point of
canning him?

It would of helped if the OP would have actually filled in the dangle ...
"it's come to our attention that you..."

YOU WHAT???????!!!!!!!!!

Your ISP will not can you for losing control of your eBay account. Well,
unless a ton of bogus transactions have transpired. That would take some
time to occur and to be uncovered and eBay would be the police in that case.
We've received no report of that. So, we've all assumed it's because
someone spammed with his email address. Well, *I* can spam with his email
address, and he wouldn't get in trouble. I might. I can't imagine any ISP
acting without actually seeing an example header and noting from wherest it
came. So, it would seem that logic points to someone using his email login
to spam via his account (given the limited info we've been given). And
there remains the question: How does a hacker acquire access to his email
account by spoofing an eBay message?

He reported being dumped by his ISP. Not losing control of his eBay
account. So, I'll assume until otherwise corrected that that isn't what
happened.

The best fitting scenario to date is that his contact list was used to spam
folks. Was the OP using Outlook? That's the popular target for these kinds
of hacks.

I'm going to quit speculating myself, and even better, quit reading all of
the dot-connecting that others are doing, whether dots are there or not.
Perhaps the OP will graciously report in and offer up what exactly his ISP
has accused him of doing. And let us know if he is still in control of his
eBay account with no strange transactions present.

You can assume childish dot-connecting if you want. eBay DID NOT SEND
the message and that is escaping your limited thinking on this. They
don't do this.

So, for all your posturing and so forth, you can plonk me as well.

Maybe you can plonk yourself at the same time. And we thought you
were a software developer? Hmmm...

In , on 12/10/2008
at 07:48 PM, said:

You can assume childish dot-connecting if you want. eBay DID NOT SEND the
message and that is escaping your limited thinking on this. They don't do
this.

sigh Nowhere did I say that I thought eBay actually sent the message.
Arguing with the logically-challenged is tiresome. And there isn't much
assuming on my part ... there is a BUNCH of imaginary dot-connecting going
on, although it apparently isn't being done by children. At least not by
physical age. My thinking is fine, thank you. You can try to say the same,
but you'd be very wrong.

Try reading again and maybe we can work on a real answer. Here's the
question in as simple a form as I can concoct it, typed as slowly as
possible:

How does an eBay spoof email end up being a spam issue, and/or how does it
get the recipient canned from his ISP?

Again, and puh-lease, without adding any creativity. I'm looking for facts
only, linked with real-world logic. Then again, I did give up on the
speculation, which is apparently all you are still offering.

Perhaps we can wait now for the OP to post more detail. I'll bet we can't


So, for all your posturing and so forth, you can plonk me as well.

I typically don't plonk people based solely on density. Unless you somehow
acquire some whit, or become more obnoxious, you're not worth the miniscule
disk space involved.

Nick

On Wed, 10 Dec 2008 20:18:49 -0500, "Nick Knight"
wrote:

I typically don't plonk people based solely on density. Unless you somehow
acquire some whit, or become more obnoxious, you're not worth the miniscule
disk space involved.

Simply sounds like you have axes to grind. Please, be my guest, but
not on my time.

Your arrogance is only exceeded by your thickness about how this could
become spam. Maybe we could repeat it 20 more times, but it won't get
through your double-wide head plate. You must be a real treat at
airports.

Considering this has nothing to do with stamps, I guess you're about
as ignorant as the rest of us. Join the group...