"A security conscious computer user will quickly see that the product links do not point to ebay.com, and that is why the page has been so carefully crafted to resemble a real eBay deals webpage," writes Barracuda research scientist Dave Michmerhuizen. "The phisher hopes that the image of a 33 percent discount on a new iPhone will keep you from noticing that all the links on the page actually go to a hacked Russian Web site of a company whose business is selling windows."
Click on a link in the e-mail, and you'll be taken to a convincing product page -- click on "Buy It Now," and you'll be asked to sign in. If you look closely, though, you'll notice that you're not actually on eBay's Web site -- the domain is okonsib.ru.
If you continue through the purchase process, you'll be asked for payment information, then told your purchase is complete and that you should expect a confirmation e-mail.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"Don't hold your breath," Michmerhuizen writes. "The only emails you are likely to get will be telling you that your password has changed, your email address is changed, and someone is purchasing items in your name."