Hey, Yahoo, Quit Helping Scam Artists!

I'm researching a real-life writer's fairy tale. I read about it this morning and want to do a bit more research before posting it here.

In the meantime, I started the morning out with an eBay scam.

I need to say at the outset that I've been trading on eBay for more than eight years. In all that time, I've never had a problem of any kind. Of course, I follow a few simple rules. I NEVER respond directly to an email purporting to be from eBay. I always log into my account first and check to see if that message is also in my eBay mailbox. If it's not, I contact eBay's security department, Safe Harbor, to report a scam. I've probably reported a half dozen scams over the years I've had my eBay account.

This morning's email worried me. Historically, most emails from eBay (both scams and real ones) show up in my spam folder. Occasionally, the real ones get through to my in-box. However, I have NEVER had a scam arrive directly in my in-box until today.

This reminded me: Back on February 8 (with a follow-up on March 4), I posted a blog about a new initiative being implemented by AOL and Yahoo. Both email providers had decided to institute a system whereby companies could purchase preferential treatment for messages by paying from 1/4 of a cent to a penny each to have them delivered. In other words, advertisers could buy their way out of your spam folder and into your in-box with the electronic equivalent of a postage stamp.

The fake email today looked real. It contained warnings against scams. It also included a link so that I could respond directly to eBay if I thought the email was a scam.

You have to admire the cleverness of a scam based on your reporting the scam. That takes chutzpah.

My point here though is that--if this scammer bought an "electronic postage stamp" to bypass my spam folder--he has, in effect, made Yahoo a partner in his nefarious scheme. And Yahoo, by accepting the cash, has legitimized the scammer, allowing his sneaky little email to be delivered to my in-box account.

I have to wonder how many people will be caught by this clever ruse. If you're rushing through your in-box and find an email with a button to report a scam, might you do so before you think it through?

This is just not right. If Yahoo and AOL are going to accept money to provide "special delivery" emails, they have an obligation to their customers (I pay for my Yahoo account through SBC Global) to ensure that they are not participating in a scam.

Remember: always behave defensively. You can be mugged as easily online as you can walking down a dark alley at night.

P.S. I've just heard back from eBay's security division (about a three-hour turnaround). They confirmed that the email I received was a "spoof," an attempt to get me to respond. Merely the act of clicking on that "reply" button would have offered the crook access to my personal information. eBay is reporting the email to the appropriate authorities.