A real-life phishing saga


Only today, we received this email message from a bidorbuy user – let’s call him John Doe:

“I have had over 120 calls about purchasing Landrovers, motor cycles, Toyotas, caravans, BMW’s and so on. Someone is obviously using my user name and telephone number. They are asking for deposits into some account. Please investigate urgently; my good name is being seriously undermined!”

The bidorbuy customer service did investigate, naturally. It transpired that some time ago John Doe received the following email message:

And – yes – he did follow the link provided in the message, he did enter his bidorbuy user name and password in the page he landed on…

Luckily for John, and probably due to negligence, the criminals did not change the telephone number provided in his bidorbuy account. Alerted by all the calls he received soon after he had taken the phishing bait, John contacted bidorbuy. Our customer service consultant promptly re-set his log in details and John was able to reclaim his bidorbuy account.

The above story has a happy ending because things were set right before any damage was done. However, it could have ended in tears (shed by people defrauded via John’s bidorbuy account) and bitter remorse (weighing on John’s consciousness).

If you receive a similar “urgent” message, do not respond to it. Go to your browser, type www.bidorbuy.co.za in the address bar and then check to see if everything is in order with your account. Alternatively, drop a line to hello@bidorbuy.co.za or phone 0861 88 0861.

At the very least, before you click on a link in an email message purporting to come from bidorbuy, check the email header and the sender’s email address to make sure it really is from @bidorbuy.co.za (scammers usually use some free web-based email service). And after you click on the link, check the destination web site address to make sure that it is indeed bidorbuy.

Also, read this blog entry: Don’t get caught by phishing.