homepage Welcome to WebmasterWorld Guest from 23.20.19.131
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Visit PubCon.com
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
Ebay Anti-fraud Forum Hit By Fraudsters?
engine




msg:3461672
 4:48 pm on Sep 26, 2007 (gmt 0)

Hackers have posted personal information on 1,200 Ebay customers to an Ebay forum, dedicated, ironically, to fraud prevention. The information was up for around an hour this morning before Ebay shut the forum down and displayed email details, CVV2 numbers, telephone numbers, home addresses and possibly credit card details to visitors.

Ebay says the information was not acquired through a breach of its security and suggests it was likely obtained through phishing or account takeovers. The company also says that the credit card details displayed do not match those on either its own or PayPals servers.

Ebay Anti-fraud Forum Hit By Fraudsters [pcpro.co.uk]

Hat tip to bwnbwn [webmasterworld.com...] (-subscription required)

 

WiseWebDude




msg:3461770
 6:22 pm on Sep 26, 2007 (gmt 0)

That was interesting. I remember last night someone posted this issue on my forum (about 1800 CDT last night). People were seriously pissed that eBay took so long to react (they said 90 minutes). There was a post on eBay's board that I read where members were BEGGING eBay to do something...pull the plug...and the like. It was quite interesting to watch indeed. Many, many people were not happy campers on eBay last night, I can certainly assure you of that. I have seen weird things on eBay, like auctions popping up with porn, and then disappearing and then reappearing and all kinds of things like that...there IS some way that some have learned to insert listings into eBay without paying...someone said it was "spoofing." I got ripped a few years ago for $1000 by those very means off of eBay. Maybe they will get those issues fixed now as well.

trinorthlighting




msg:3462035
 10:40 pm on Sep 26, 2007 (gmt 0)

Just goes to show you how unsafe paypal and ebay are. That is a big reason why we do not accept pay pal on our ecom sites.

gibbergibber




msg:3462064
 11:22 pm on Sep 26, 2007 (gmt 0)

--Just goes to show you how unsafe paypal and ebay are--

Ebay's forums are full of people who would love to use a different service... but who do they use?

Ebay has a monopoly. It might not have a technical lock-in like Windows, but in practice there's no real way for rivals to compete with Ebay, even though there are plenty of potential customers for a rival service.

And of course as soon as you become a profitable monopoly, there's almost no pressure to maintain quality control on your product. You can do what you like, and your customers have nowhere else to go.

kaled




msg:3462093
 12:11 am on Sep 27, 2007 (gmt 0)

Interesting...

I received a letter from ebay a few days ago addressed to a fictitious individual in my company. Seemingly, someone has created an ebay account in my company's name. I was forced to phone a premium rate number to get a valid email address to report this problem. I received a bog-standard reply along the lines of "we have taken appropriate action...".

The reply did not refer to any of the specific points I raised and a subsequent email has been completely ignored. Given that ebay presumably has bank details of this fraudster and logged IP address data, etc. if they fail to treat this matter properly, I'll take it to the police - and if they don't sort it out, I'll take it to the press. Naturally, I plan to get the cost of the premium rate call refunded too.

The guy I spoke to mentioned that I was not the first person he'd spoken to with this problem.

Kaled.

draggar




msg:3463022
 6:46 pm on Sep 27, 2007 (gmt 0)

This is what scares me:

Ebay says the information was not acquired through a breach of its security and suggests it was likely obtained through phishing or
account takeovers

Meaning that the information COULD have been taken from eBay, they just don't know it (meaning the hole is still there).

sun818




msg:3464108
 7:03 pm on Sep 28, 2007 (gmt 0)

There's a reason why login & password is required for every session on eBay. Tech savvy level for average eBay user is not very high. This explains how someone could easily be taken in a phishing scam. I wouldn't be surprised if a competitor paid some hackers to engage in corporate sabotage.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved