Indeed, no less than 3 versions of the fraudulent phishing e-mails posing as communications from Trade Me were found doing the rounds during December 2010.

One of them, captioned, "Important account information," poses as a formal notice from Trade Me that informs the customer (e-mail recipient) of the expiration of his Internet trading account.

Subsequently, it directs him for reactivating his account via filling out one given form with his password, login and payment card information, failing which his account will become restricted as well as erased.

Said 55-year-old Lesley Wheatley, an accountant in Stillwater, North Auckland (New Zealand), the e-mail instantly made her feel suspicious, yet she found the attachment so persuasive, as it accurately copied the login web-page of Trade Me. Nzherald.co.nz reported this.

Wheatley added that the copycat page was an amazing imitation since when she compared it with the actual page the only distinction she found was with respect to the box for the login details.

Explain security researchers that the method for operating a phishing campaign involves fraudsters dispatching e-mails which seem authentic and from companies or websites, similar as in the instance of Trade Me. These e-mails attempt at phishing for details -usernames and passwords -by directing the recipient for confirming his private information like it's been done within the Trade Me episode.

Hence, the researchers advise users to follow certain simple security suggestions for warding off phishing. First, they mustn't ever give out their usernames or passwords through e-mail, no matter if the e-mail sender is any legitimate company.

Second, these e-mails usually sound urgent, coercing recipients into entering their secret information, so they must be ignored.

Meanwhile, Trade Me has urged their clients to inform them if anyone gets an e-mail posing as a Trade Me message in order that they may arrange to have the fake website closed as also stop individuals from falling victim to the scam.