Welcome to WebmasterWorld Guest from 54.147.63.124

Forum Moderators: phranque

Message Too Old, No Replies

Ebay Anti-fraud Forum Hit By Fraudsters?

     
4:48 pm on Sep 26, 2007 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:22318
votes: 239


Hackers have posted personal information on 1,200 Ebay customers to an Ebay forum, dedicated, ironically, to fraud prevention. The information was up for around an hour this morning before Ebay shut the forum down and displayed email details, CVV2 numbers, telephone numbers, home addresses and possibly credit card details to visitors.

Ebay says the information was not acquired through a breach of its security and suggests it was likely obtained through phishing or account takeovers. The company also says that the credit card details displayed do not match those on either its own or PayPals servers.

Ebay Anti-fraud Forum Hit By Fraudsters [pcpro.co.uk]

Hat tip to bwnbwn [webmasterworld.com...] (-subscription required)

6:22 pm on Sept 26, 2007 (gmt 0)

Preferred Member

5+ Year Member

joined:June 8, 2006
posts:556
votes: 0


That was interesting. I remember last night someone posted this issue on my forum (about 1800 CDT last night). People were seriously pissed that eBay took so long to react (they said 90 minutes). There was a post on eBay's board that I read where members were BEGGING eBay to do something...pull the plug...and the like. It was quite interesting to watch indeed. Many, many people were not happy campers on eBay last night, I can certainly assure you of that. I have seen weird things on eBay, like auctions popping up with porn, and then disappearing and then reappearing and all kinds of things like that...there IS some way that some have learned to insert listings into eBay without paying...someone said it was "spoofing." I got ripped a few years ago for $1000 by those very means off of eBay. Maybe they will get those issues fixed now as well.
10:40 pm on Sept 26, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 5, 2006
posts:2094
votes: 2


Just goes to show you how unsafe paypal and ebay are. That is a big reason why we do not accept pay pal on our ecom sites.
11:22 pm on Sept 26, 2007 (gmt 0)

Preferred Member

10+ Year Member

joined:Mar 24, 2002
posts:373
votes: 0


--Just goes to show you how unsafe paypal and ebay are--

Ebay's forums are full of people who would love to use a different service... but who do they use?

Ebay has a monopoly. It might not have a technical lock-in like Windows, but in practice there's no real way for rivals to compete with Ebay, even though there are plenty of potential customers for a rival service.

And of course as soon as you become a profitable monopoly, there's almost no pressure to maintain quality control on your product. You can do what you like, and your customers have nowhere else to go.

12:11 am on Sept 27, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 2, 2003
posts:3710
votes: 0


Interesting...

I received a letter from ebay a few days ago addressed to a fictitious individual in my company. Seemingly, someone has created an ebay account in my company's name. I was forced to phone a premium rate number to get a valid email address to report this problem. I received a bog-standard reply along the lines of "we have taken appropriate action...".

The reply did not refer to any of the specific points I raised and a subsequent email has been completely ignored. Given that ebay presumably has bank details of this fraudster and logged IP address data, etc. if they fail to treat this matter properly, I'll take it to the police - and if they don't sort it out, I'll take it to the press. Naturally, I plan to get the cost of the premium rate call refunded too.

The guy I spoke to mentioned that I was not the first person he'd spoken to with this problem.

Kaled.

6:46 pm on Sept 27, 2007 (gmt 0)

Full Member

5+ Year Member

joined:Feb 27, 2007
posts:255
votes: 0


This is what scares me:

Ebay says the information was not acquired through a breach of its security and suggests it was likely obtained through phishing or
account takeovers

Meaning that the information COULD have been taken from eBay, they just don't know it (meaning the hole is still there).

7:03 pm on Sept 28, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:July 16, 2001
posts: 2006
votes: 0


There's a reason why login & password is required for every session on eBay. Tech savvy level for average eBay user is not very high. This explains how someone could easily be taken in a phishing scam. I wouldn't be surprised if a competitor paid some hackers to engage in corporate sabotage.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members