I just sold my Gateway M675 laptop on eBay a second time (after writing a long blog post about my experiences).  This time I added a Buy It Now price so it ended a lot sooner.  This sale was to an account that was created today and didn’t have any selling/buying history.  I did a google search for the phone number listed and it didn’t return any results.  I also did a google search for the address and it looks like the address is the address of the Quality Hotel Times Square (157 W 47th St, New York, NY  10036).  I just tried calling the phone number and it has been disconnected.  This is starting to get really frustrating.  I’m beginning to lose faith in mainkind and eBay.

After I report it to eBay I think I’ll call the hotel to see if someone by that name is staying there.  It’ll be an interesting experiment.  I think I’ll have to see if I can restrict the auction so no user account without any purchasing/selling history can bid on it.

Does anyone have any tips for preventing this kind of thing when selling items on eBay?

If you were interested in purchasing my laptop today is your lucky day.  It has been relisted due to the winning bidder’s account getting hijacked by someone wanting me to ship the laptop to Nigeria.  It is a really decent laptop and should make a great home/office computer for someone.

Item #150170879691 - “GATEWAY M675 P4 HT 2.6GHZ 2GB 80GB CDRW 17″ WIRELESS“ - Start Date/Time:  10/11/2007 @ 12:30PM EST (9:30AM PDT)

<rant>I’m really tired of all the scammers out there sending out spoof e-mails from banks, eBay, PayPal, etc.  I’m tired of all the spammers sending out junk e-mail trying to send me billions of dollars because someone in Nigeria has died.  Luckily ExchangeDefender can take care of the symptoms of the spam problem.  However, the source of the problem still exists.  It would be awesome if there was some way to magically find all of the scammers to lock them up and throw away the key.</rant>

There are other people (example1, example2, example3) that were asking about this same scam on eBay over a year ago (as early as 08/15/2006).  In fact, they even listed the same shipping address as the one sent to me.  You would think the police would eventually shut this guy down.

The address listed was:
Adeyemi .A. Bolarinwa
No 12 Dikat House
Ring Road, Ibadan
Oyo State, Nigeria  23402

Here are some things that should raise some red flags about the e-mail screenshots that I posted below:

1. The buyer wants the seller to ship the item to an alternate mailing address.  This should raise a red flag in your mind (especially if it is an address in Nigeria). 
   TIP: Only ship to the shipping address listed by PayPal/eBay as the buyer’s address.  Also, usually only verified PayPal addresses give you protection when selling items on eBay.  I would also recommend trying to independently verify the buyer’s contact information (i.e. if their phone number is listed in the white pages you can type it into google and it will give you their home address).  Make sure you also use a reputable shipping company and be sure to get a tracking number.  Insurance might also be a good idea but I’m not sure if it protects against fraud or only shipping damages.
2. The e-mail address in the e-mail messages is a fake e-mail address (i.e. on the PayPal e-mail the e-mail address ends in @officeemail.net instead of @paypal.com which is a big red flag).
   TIP: The e-mail addresses should always end in @paypal.com or @ebay.com.  You should also be careful because the from address in e-mail messages is easy to spoof.  If you get an e-mail that you think is a spoof (even if you aren’t 100% sure) please forward the e-mail message to spoof@ebay.com or spoof@paypal.com right away.
3. Official e-mail messages from eBay and PayPal will also usually have corresponding messages that show-up on their website after you login to your account but these messages didn’t show up there for me.
   TIP: Don’t click on the website links in the e-mail but open your web browser and manually type in http://www.paypal.com or http://www.ebay.com instead.  One way accounts get hijacked is by tricking people into going to a website that looks like the real website but instead captures your login credentials and sends it to the scammer.  If they start asking you for personal information (i.e. social security numbers, credit card numbers, etc.) that should definately raise a red flag in your mind.  If you think it is a spoof e-mail (or website) please report it to eBay or PayPal right away.
   TIP: PayPal and eBay will never ask you for your personal information in an e-mail message.  If you get an e-mail that you think is a spoof (even if you aren’t 100% sure) please forward the e-mail message to spoof@ebay.com or spoof@paypal.com right away.
4. They try to make it sound like the payment has already been sent and ask you to ship out the item right away.  However, in my case the e-mail didn’t list the correct payment amount and when I signed in to PayPal there were no notices of any payments or pending payments sent.
   TIP: Never ship the item out without confirming that the payment has been received and has cleared the bank.  Be sure to login to PayPal by manually typing the address into your web browser and verify that the money is there before shipping your item.

Additional Information:

• eBay Spoof Tutorial
• PayPal Security Center:
  • PayPal Online Safety Essentials
  • PayPal Phishing Guide
  • PayPal Identity Theft Guide

Fake PayPal E-mail:

Fake E-mail From Buyer:

Fake eBay E-mail:

There was an interesting article posted on the AutoPatcher.com Blog today that talks about the history and future of AutoPatcher.  They talk about the Blaster worm which spread like wildfire across the Internet and rendered many computers unusable until the infection was removed.  Here is a short excerpt from the AutoPatcher.com Blog:

We will be working on a web-oriented solution which we hope will give use two great benefits: easier and more efficient upgrades and easier “all-in-one” creation. Since I’m in the middle of exams, I will probably start coding in about a week from today. Although we can’t really provide an estimate on when the next AutoPatcher will be available, we will do our best to have everything ready (and above all Microsoft-free) just in time for an October release.

One of my experiences with the Blaster worm:

I remember the days of the Blaster worm well since I had to clean many computers infected with it (as well as some similar ones).  I remember one instance very well.  At the time some of the colleges around here were huge breeding grounds for computer viruses upon the arrival of new students.  My girlfriend (at that time) needed to have Windows XP reloaded on her computer.  I think it was because it was infected with the Blaster worm but I can’t remember for sure.  I grabbed the Windows XP SP1 CD, reformatted the hard drive, and reinstalled Windows.  Installing Windows XP SP2, all of the latest security updates, and Anti-Virus software were my top priorities after installing Windows.  However, I learned a lesson the hard way that day.  As those of you in the IT industry know Windows XP SP1 didn’t include the built-in firewall.  That important security feature came as part of the SP2 release.  The tiny problem was that I had left the network cable plugged into the computer when reinstalling Windows on a network with thousands of laptops owned by college kids.  Needless to say, a bunch of these computers didn’t have the latest security updates or current Anti-Virus programs installed which resulted in a bunch of computers on the network becoming infected.  Since I had the network cable plugged-in it didn’t take long for the fresh install of Windows XP SP1 to get infected with the Blaster worm even though I started installing SP2 almost immediately after reinstalling Windows.  To make a short story longer, I ended up reformatting the computer and reinstalling Windows XP again.  This time I was sure to unplug the network cable and install SP2 before plugging it back into the network.  That day I learned an important lesson:  install the latest security updates before connecting the computer to a network, especially one that you don’t manage yourself.  This is where I think AutoPatcher comes in really handy.  It allows you to get almost all of the latest security updates installed before connecting to the Internet.  Of course, now I usually slipstream SP2 into the Windows XP CD but AutoPatcher is still very useful because there have been a lot of updates released since SP2 came out. 

Commencing at midnight, August 15th, 2007 we will start relaying mail using the two new subnets announced a few weeks ago. We have also provided a helpful guide to setting up IP restrictions with Exchange 2003. It is also recommended that you enforce IP restrictions on your firewall depending on your network topology.

For the entire blog post please visit the Own Web Now Blog.

Straight from the Own Web Now Blog:

ExchangeDefender v3.1 core is now live.

Over the next five days we will go through the core aspects of ExchangeDefender and all the new features. We will provide ample screenshots and feature details so you can best implement ExchangeDefender in your day-to-day email management.

Keep an eye on our blog at http://www.ownwebnow.com/blog

Today ExchangeDefender subscribers will be getting a free new feature called LiveArchive.  I am very excited about this new feature because it will allow businesses to keep using their company e-mail accounts even if their mail server isn’t accessible for some reason.  If you don’t have the ExchangeDefender service and would like to find out more about it please let me know.  I’ll be glad to send you more information and help you get setup.  It has cut the time I spend dealing with junk e-mail down to less than 5 minutes a day.

Here is a copy of the announcement on the Own Web Now Blog:

We are very excited to announce that after months of development and beta testing, ExchangeDefender LiveArchive is officially launching this Monday, August 6th, 2007.

What is LiveArchive you ask? LiveArchive is a provision for business continuity - to allow your business to stay in business and keep on communicating even if your mail server, Internet connection or other means interfere with the mail flow to your mailbox. As e-mail is being processed by ExchangeDefender it is copied to a live mail server. The original message is delivered to your corporate mail server or sits in the queue if your mail server is down. At any time you have access to the past seven days of email via secure, web based interface available from anywhere you can browse the web. The connection is secured using commerce-grade SSL, the logins and access are audited for compliance purposes and even on-disk encryption is supported.

The best part? Well, it’s free. Yes, free as in each mailbox you currently have protected by ExchangeDefender can have a LiveArchive feature enabled through the control panel at no additional cost to you. As an additional show of appreciation for our community, LiveArchive is offered free of charge to the Florida government organizations and emergency operations during the hurricane season and has been in beta testing since March.

Microsoft has created a security portal on their website with some excellent resources on the latest online threats.  It is called the Microsoft Malware Protection Center and the initial release contains:

• Four “Top 10″ lists:
  • Desktop Threats
  • MSRT (Malicious Software Removal Tool) Detections
  • Most Active Email Threats
  • Adware/Spyware
• An encyclopedia of malware and unwanted software
• Links to more tools & resources
• Sample submission page:  A place to send the team files, suspected to contain malware, to be analyzed
• Definition updates for Windows Defender as well as Forefront Client Security

I originally found out about the new portal from the Spyware Sucks blog.  They kept referring to it as the MLPC (which probably goes back to the Live branding confusion saga).
NOTE:  They changed MLPC to MMPC after I wrote this blog post.

There is also some good information on the Anti-Malware Engineering Team blog about version 1 of the portal going live.  They mentioned that this release was just a beginning and asked for people to send feedback about the portal to mpcfb@microsoft.com.

Here is a tip from the Microsoft Office Outlook Team Blog about how to reduce spam by using the new postmarking feature in Outlook 2007.

Postmarking is a new part of the Outlook 2007 junk e-mail feature; it complements the existing feature set to reduce the amount of spam in your inbox.

One of the great advantages of e-mail is that it is easy and cheap to send. Unfortunately, this is the very same reason that makes it so useful to spammers as it enables them to send huge amounts of email in bulk.

Think of Postmarking as computational “postage” imposed when sending email. This is a small burden for an individual user, but is a very large burden for spammers. Spammers rely on being able to send thousands of mails per hour, and in order to be able to send spam with postmarking turned on, they would have to invest a very large amount of money to expand their computational power.

Postmarking generation is only present in Outlook 2007 and postmark validation is present in Outlook 2007, Windows Live Mail , Exchange 2007, and Windows Mail in Vista.

So, how does it work?

Sending e-mail with postmark: Before messages leave your Outbox, Office Outlook 2007 stamps each message with an e-mail postmark. The postmark incorporates unique characteristics of the message, including the list of recipients and the time when the message was sent, making the postmark valid only for that message. As a result it takes a little longer for the message to leave the Outbox – however, this is not noticeable during normal day-to-day Outlook usage.

Receiving e-mail with a postmark: When a recipient e-mail application that supports Outlook e-mail postmarking receives postmarked mail, it recognizes the postmark. The postmark means that the message is most likely not spam and this is an additional factor evaluated by the junk e-mail filter when determining if an email is spam or not.

How to turn Postmarking off

To turn on/off Postmarking, use the following option in Outlook 2007:

1. On the Tools menu, click Options.

2. On the Preferences tab, under E-mail, click Junk E-mail.

3. Clear the When sending e-mail, postmark the message to help recipient e-mail programs distinguish regular e-mail from junk e-mail check box.

NOTE:  I updated the post to include a copy of the instructions (without including the screen shot at the end).  I also noticed after posting this tip that it is currently only supported within Microsoft’s e-mail software (i.e. Outlook 2007, Exchange, etc.).  That severly limits the effectiveness of this feature because there are a lot of people out there that use e-mail software that isn’t made by Microsoft.  You’re much better off using a server-based solution that works well no matter what client everyone else uses.  The solution we use ourselves, as well as resell and recommend to clients, is called ExchangeDefender.  It has cut the time we spend dealing with spam down to less than 5 minutes a day.