Welcome
Buyer Community> Trade Intelligence> Safety & Security> How to Protect Yourself from Phishing Emails and Websites

How to Protect Yourself from Phishing Emails and Websites

Published: 04 May 2011 04:49:50 PST

Alibaba.com is the world's largest online B2B marketplace connecting buyers and suppliers worldwide. We are committed to promoting and providing a safe and fair trading environment to all users. However, fraudsters are always devising new ways to cheat the honest trader and negatively affect the trading environment. One example is by using phishing emails and websites. This fraud was mainly invented to cheat you of your Alibaba.com Member ID, password and other personal details. When obtained, fraudsters will sign in to your account, pretend to be you and commit scams in your name.

The following info is provided to help you avoid phishing scams:

1. Examples of typical phishing emails/websites

1) Five types of typical phishing emails

Case no.

Sender

Features

I

in the name of Alibaba.com

Ask for your personal info such as Member ID and password

II

in the name of Alibaba.com

Ask for your detailed info including both company and personal info

III

in the name of Alibaba.com

Ask you to pay through high-risk payment methods

IV

in the name of Alibaba.com

Ask you to buy Alibaba.com paid membership at a low price

V

in buyer’s name

Ask for your personal info such as Member ID and password


2)  Typical phishing websites

You will be taken to websites like these when you click on links in phishing emails.

Example 1




Example 2






2. Tips on not becoming a victim of phishing emails/websites

To prevent being a phishing website victim, please be aware that if you suspect the website you’re on is a fake Alibaba.com site, just enter an incorrect email and password at least three times. If you are able to sign in to this incorrect account, leave this website immediately and report to Alibaba.com.


3. Key features of typical phishing emails/websites:

A. Fake Email Address

Fraudsters typically send emails using fake email addresses. Some of these addresses may appear to be real such as tradealert@service.alibaba.com or security@alibaba.com.

Please be aware that the ‘From’ field in emails can be easily altered and that they are not a reliable indicator of the true origin of the email.

B. Non-Personal, General Greetings

Most fraud emails start with a general greeting such as ‘Dear Alibaba Member’ or Dear Alibaba User’.

Please be aware that emails from Alibaba.com start with your first name, i.e. ‘Dear Tanya,’.

C. Stress Urgency / Threaten Your Account Status

Fraudulent emails typically claim that your account is suspended and that you need to supply your personal info such as Member ID, password or credit card number without any explanation.

They will also try to scare you into urgent action by threatening to suspend your account if you do not provide sensitive information as soon as possible.

D. Fake Website Addresses (URLs)

Fake emails usually contain website addresses (URLs) that link to fake websites that asks for your personal info.

Please be aware that if Alibaba.com requests information from you, we will always direct you back to the Alibaba.com site (www.alibaba.com or www.aliexpress.com).

E. Fake Feedback Forms

Many fraud emails will ask you to click a link or complete a form which is similar to those provided by Alibaba.com. Through this ploy, fraudsters hope to trick you to share your personal details such as Member ID, password or credit card information. 

F. Reference to the Alibaba.com User Agreement

In their emails/websites, fraudsters constantly refer to the Alibaba.com User Agreement in order to appear legitimate and authoritative. To counter this, just email our Customer Service Team at alibaba@service.alibaba.com should you have any inquiries.

G. Fake Alibaba.com Sign-Off

To appear legitimate, fraudsters will also sign off their fraudulent emails using normal Alibaba.com sign offs such as xyz@security.alibaba.com. If you are unsure of the legitimacy of the email that you received, contact our Customer Service Team at alibaba@service.alibaba.com immediately.

If you think you may have been a victim of phishing emails/websites, contact our Customer Service Team at alibaba@service.alibaba.com and sign in to My Alibaba to change your password immediately.

To learn more about recent phishing examples, click here.
Related Article
Most Popular