Home > Community > Security & Resolution Centre > Stop spoof emails & Web sites
 Security & Resolution Centre

 Phishing & Spoof  
Some thieves on the Internet, simply go fishing, or 'phishing', as the practice has come to be known, trolling the sea of online consumers in hopes of netting unsuspecting victims. One method of phishing is the sending of 'spoof' (fake) emails, which copy the appearance of popular Web sites or companies in an attempt to commit identity theft or other crimes.

There are certain characteristics you should look for, that are common to many spoof e-mails:

Personal information requests: An indicator of spoof e-mail is a request for the recipient to enter such sensitive personal information as a User ID, Password, or Bank Account number by clicking on a link or completing an e-mail form.

Sender's address: E-mail recipients should not easily trust on the sender's e-mail address to validate the true origin of the e-mail. While it may look legitimate, the "From" field can be altered easily.

Greeting: Many spoof e-mails begin with a general greeting like, "Welcome User," rather than being directed to a specific person.

Safety Tips

Safety Tips

1. Learn the signs of a spoof email.
It's incredibly difficult to detect fraudulent emails - as spoofers have become increasingly sophisticated in their attacks. There are certain characteristics Internet users should look for, though, that are common to many spoof emails. We've developed a Spoof Email Tutorial to show you what to look for (and look out for).

Back to top

2. Get eBay Toolbar with Account Guard.
Spoof emails almost always take you to a fake Web site - this is where the real damage is done. The eBay Toolbar now features 'Account Guard', a tool that will indicate when you are on either eBay or PayPal, and will warn you when you are on a potentially fraudulent Web site. eBay Toolbar with Account Guard will also let you report suspicious sites - if we find it to be fraudulent, we will use your report to protect the millions of other eBay Toolbar users.

Back to top

3. Do not click on email links that request personal information.
Do not click on a link embedded within any potentially suspicious email, especially if the email requests personal information. Instead, try starting a new Internet session with your browser, typing the Web address of the link into the address bar, and pressing 'Enter' to be sure you are directed to a legitimate Web site.

Back to top

4. Verify your account statusCall the financial institution to verify your account status before revealing any information that could be needed to protect the account. Most legitimate financial companies will not send an e-mail threatening the status of an account and requiring the user to submit information immediately.

Back to top