New Phishing Scam–Disguised as StubHub Order Confirmation: Do Not Click on The Link In The Email!

Published on October 28, 2011 By DrJBHL In Personal Computing

I don't know if anyone here is a StubHub customer or not... there is general info here as well as "what to do if" info which might be useful.

A brand new email scam masquerading as an order confirmation from StubHub was sent to an undetermined number of people yesterday, 10/27/2011.

StubHub is an online ticket broker subsidiary of Amazon.com and it was swamped with calls related to the email fraud yesterday. MSNBC reported that StubHub posted a warning on their homepage quickly and put out warnings through the social media. I visited their homepage today but found none.

The phishing email reportedly looks like a receipt for an order for two tickets to a boxing match in Las Vegas on Nov. 12. It 'appears' to be sent by StubHub, and the charge is $2,766.95. This email apparently went to both StubHub users as well as random individuals. Perhaps purchased email lists were used to cast a wider net for more victims. The scam appears to have come from Eastern Europe (no surprise – as apparently many do).

The fake email’s purpose is to get recipients to click on embedded link/s and by doing so to obtain info such as credit card and account numbers as well as passwords.

Anyone who received this email and clicked through it and entered account information should go to StubHub’s website and change his/her password ASAP. No one has been charged for the purchases which were never really made anyway, according to StubHub.

What’s unclear to me is how the names of StubHub’s account holder’s became known to the criminals perpetrating this scam.

There is recourse for folks hit by a phishing scam. First, don’t be ashamed. Until you take time and learn about online crime there’s no reason you should ‘expect’ to know about it. Folks who believe they've been victimized by an internet related scam should report it to the Internet Crime Complaint Center, or IC3. That can be done here: http://www.ic3.gov/default.aspx

and here: http://www.ftc.gov/. What actions should you take if you believe you might immanently become the victim of identity theft (act quickly) or are one? Ask.com gives good answers here: http://idtheft.about.com/od/reportingidtheft/a/Report_IDTheft.htm

Incidentally, the same procedures should be followed if you have lost or had your wallet/purse stolen.

Source:

http://www.msnbc.msn.com/id/45068880/ns/technology_and_science-security/

http://www.justice.gov/criminal/fraud/websites/idtheft.html

What to do ‘if’:

http://idtheft.about.com/od/reportingidtheft/a/Report_IDTheft.htm

https://forums.wincustomize.com/412936/page/1/#3013290 (reply #3)

Comments

No one has commented on this article. Be the first!

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

Richer content, access to many features that are disabled for guests like commenting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!