Scammers never run out of ideas. They are always ready to adopt a different approach.
That is why bidorbuy users should always be on the alert.
During the weekend, several bidorbuy sellers ended up falling victim to a phishing attack after receiving a query on their bidorbuy classifieds listing, followed by this, at the first sight innocent, message:
The bidorbuyers who did click on the link provided in the message ended up on the log-in page of the scammers’ web site. Those who proceeded to enter their user name and password had their log-in details stolen and their bidorbuy account hi-hacked by the scammers.
Scammers use different messages as bait.
How to recognise a phishing email?
- To check if a message has been sent from bidorbuy, click on reply and carefully study the addressee bar. If the part after @ has anything except bidorbuy.co.za in it, the message is not from bidorbuy. It is a phishing email.
- To check whether the web site link leads to the bidorbuy web site, hover over the link and the destination ULR may appear in your email client. Alternatively, carefully check the URL that appears in the browser window after you click the link. In this case, the link that appears in the phishing email as
http://www.bidorbuy.co.za/item/33688153/km_One_Owner_2006_Model.html
leads straight to
http://log-bidorbuy.co.za.qipim.ru/loginUserLogin.jsp.html.html
which is not the same thing at all, right?
What to do if you receive a phishing email?
Delete it.
How to make sure you do not take the bait and become a victim of a phishing attack?
Don’t click on links contained in the email messages you receive. Instead, type the web address in the browser window yourself and only then proceed to log in.
Now that you are better equipped to recognise and deal with phishing emails, here’s hoping that no bidorbuy user will fall victim next time around!
