2 min article

Recognising spoof or phishing attempts

Be suspicious of any unusual request for your personal or financial information. It may be a "spoof" or "phishing" attempt.

Scammers may impersonate well-known companies via email, phone or text message, in the hope that recipients will provide confidential information (including passwords or bank or credit card details) and/or download malicious software.

If a message demands you take immediate action, includes attachments or links, asks you for personal information or promises a deal that is too good to be true, you should be cautious. Don't click on links that come from people you don't know, and don't respond.

When in doubt, start at the eBay homepage. Open a new browser window, type www.ebay.com.au, and go from there.

Characteristics of spoof or phishing attempts

A phishing email pretending to be from eBay typically contains a link that takes you to a fake website. There, you'll usually be asked to sign in, and submit personal and account information. These emails often include the eBay logo and a fake eBay address in the "From" line.

Here are some typical traits of phishing scams:

  • Asking for confidential information
  • An urgent or threatening tone that asks you to act quickly
  • Unsolicited attachments
  • A generic greeting, like "Attention eBay member"
  • A web address that looks like eBay, but which may have a typo or extra numbers and letters (like http://signin-ebay.com.au or http://signin.ebay.com.au@10.19.32.4)

Recognising legitimate contacts from eBay

If we need to contact you about your account, you can expect that:

  • We'll typically include your eBay username on any emails we send you, as well as the first and last name registered on your account. An eBay customer service agent phoning you will know these details as well.
  • We won't ask you to provide confidential information like your password or credit card details via email or over the phone.
  • We'll only include links for convenience. No link will require you to submit confidential information on the next page.
  • We won't include attachments. If you receive an unsolicited email with an attachment, don't open it.
  • We won't ever use threatening language or include specific threats.
  • We'll always send a copy of any important messages about your account to your eBay Messages - opens in new window or tab.

How to report spoof and phishing emails

If you receive a suspicious email that appears to come from eBay, you should report it to us immediately. Here's how:

  1. Don't click any links in the email or open any attachments.
  2. Forward the message to us as an attachment at spoof@ebay.com.au. We'll let you know that we received the email.
  3. Delete the message.

Tip
To help us investigate the source of a spoof or phishing email, please ensure you include the message as an attachment.

eBay will never ask you for your password or financial information via email or over the phone. If you're not sure whether a message was genuine, type www.ebay.com.au into a new browser window, then sign into your account.

Was this article helpful for you?

Related Help topics