Phishing

Phishing, in case anyone doesn't know, involves usually sending e-mail that appears to come from legitimate sources asking you to sign into your your account and update something. This could be a bank account, internet account or almost anything else. The trick is the e-mail usually contains a link to the home page but while a real looking page shows up it is actually on the phishers site. They hope you'll fall for it and give them your user id and password.
Here is one I received today supposedly from ebay.

In the next few days we will be introducing a new email option for members who want to get more information about items listed by their favorite sellers. The Favorite Seller Digest will include a sample of the most recent items listed by sellers included in your Favorite Sellers list, and you can select whether to receive the email weekly, bi-weekly or monthly.

When you add a new seller to your Favorite Sellers list, you will have the option to include them in the Favorite Seller Digest email. In addition, you can also add sellers to this email digest by going to the Edit Preferences page from your My eBay Favorite Seller table. The Favorite Seller Digest will be sent by eBay to your email address on file.

To learn more about this new feature, click here. In order to use this you must log in to your ebay account in the next 24 hours.

Regards,
eBay Inc.

Sounds good. Looks real. I knew better but in the interest of having something usefull to write about I checked it out. The first and easiest thing to do is just hover your mouse pointer over the links. See what they look like.
Here is the text of those links.
http://210.222.212.229/www/signin.ebay.com/ws2/eBayISAPI.dll_SignIn.htm

That ip address up front instead of ebay.com is a dead give away. So if you're still a little curiuos take that address (210.222.212.229) and go over to a place with ip whois. I like SamSpade.org
Place the ip number in the ip whois and see what you get.

Server Used: [ whois.krnic.net ]

210.222.212.229 = [  ]

(www.nic.or.kr)  Whois

query: 210.222.212.229

ENGLISH

KRNIC is not a ISP but a National Internet Registry similar to APNIC.

The followings are information of the organization that is using the IPv4 address.

IPv4 Address       : 210.222.212.224-210.222.212.255

Network Name       : KORNET-HOTLINE2003230827

Connect ISP Name   : KORNET

Connect Date       : 20031201

Registration Date  : 20031224

[ Organization Information ]

Organization ID    : ORG309684

Org Name           : hongseongkineungdaehak

State              : CHUNGNAM

Address            : hongseongkineungdaehak ho 0001 beonji 0221 hongseongnamjang hongseongkun

Zip Code           : 350-803

[ Admin Contact Information]

Name               : seongkineungdae hong

Org Name           : hongseongkineungdaehak

State              : CHUNGNAM

Address            : hongseongkineungdaehak ho 0001 beonji 0221 hongseongnamjang hongseongkun

Zip Code           : 350-803

Phone              : 82-41-630-3621





E-Mail             : chungnm1@soback.kornet.net

Some place that might be in Korea with lots of phoney looking name and addresses.



Never, Never, Never follow the links in emails that sound suspious.

If you think the email might be real

all you have to do is got to the home page of the real company and sign in as per usual.