Home page logo

nanog logo nanog mailing list archives

Re: Complaint of the week: Ebay abuse mail (slightly OT)
From: JC Dill <nanog () vo cnchost com>
Date: Sun, 03 Aug 2003 10:20:31 -0700

At 09:41 AM 8/3/2003, Paul Vixie wrote:

> ... ebay now requires that you fill in their lovely little web form to
> send them a note.  Even if, say, you're trying to let them know about
> another scam going around that tries to use the machine www.hnstech.co.kr
> to extract people's credit card information.

one can easily imagine that their abuse@ alias was receiving so much spam
that it was too costly to read it all and fish out the valid complaints.
(this is a ~recent spammer tactic, clogging the metadata paths to make it
harder for network owners to discuss spammer activities.)

On spam-l it was reported that there presently is a valid address of spoof (for the purpose of sending abuse complaints about spoof paypal websites[1]) at paypal.com. Since ebay now owns paypal, I suspect you can use that address to report spoof sites and emails for either service and that the human at the other end has enough clue to realize that they should act on all such spoofs reported to that address.


[1] yes, I realize this makes the sentence look really weird. I worded it this way to help keep the spoof address from being "machine readable" if/when spammers start scarfing username (at) domain (dot) com munging and concatenating that back into the unmunged email address. It's hard enough to get a real email address for inside ebay or paypal that we need to protect what addresses we discover.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]