.info domains are now getting an underserved “reputation” largely because of special promotions making them extremely cheap to register, so favoured by spammers, and sploggers.

One way to check is to bring your mouse to hover over one of the links (but don’t click). In Mozilla Mail the URL this shows in lower bar of the browser. You fill find these are not legitimate ebay domains (or will just be an IP address). A common trick is actually to include legitimate links in the email. Don’t click on any of them!

This one which came in today appeared to come from a Russian domain - smtp.ru, but often the spammers will use lengthy subdomain which contains the brand, ebay, paypal, barclays etc..

Delete any email where the link URL includes an `@.` Browsers are designed to ignore anything before the `@.` For example:

http://barclaysbanks.co.uk@scamdomain.com/login

The real location will actually be:

http://scamdomain.com/login

Most browsers will warn you now if you try and go to a domain with an `@` in the URL. For example in Firefox/Mozilla:

Obviously avoid any link which is an IP address. For example:

https://22.22.33.44/trustmebank/secure/login

You might wonder how people get away with hosting such as sites which harvest confidential information. Quite often they are hosted on hacked servers, where crackers have exploited a security issue in a php script.

Microsoft have provided the following tips on:

Safe browsing

Detecting fraudulent emails

This one is slightly more subtle in that the email (using Paypal Logo’s and colours) invites you to “login” for assistance, or to “update” your preferences which then redirect you on to the IP address of the phishing site, where they will harvest your Paypal credentials. Be Warned!