I’m not sure how eBay allowed a dozen auctions to slip by that may have stolen hundreds of user ID’s before they were shut down.
My Girlfriend (Sara) was browsing eBay’s “Toys and Hobbies” category and the first two auctions had a gallery image with full frontal nudity. She asked me how it was a seller could do that, and I told her they can’t. I went on to let her know we needed to report the seller.
She clicked on the auction link and was greeted with a login page (which happens on eBay sometimes). It wasn’t until after she submitted her login information that I realized she wasn’t on eBay.
With further inspection we found as soon as the auction link was clicked the user was taken off eBay and instructed to login with a page and website that looked just like eBay, but the URL was NOT on eBay.
We quickly went back to eBay and changed her password so that nothing could be compromised and I opened up a live support chat on eBay.
By the time I got a rep on live support, (10 minutes) the offending auctions had been shut down (including the others that showed up with the same title, in different categories – 12 in all) My issue at this point was that a seller should not have been allowed to list an auction that takes a user off eBay for the purpose of stealing the login details.
This was obviously a script of some sort installed into an auction listing, and when I asked the eBay rep why and how this happened, all she could say is that eBay makes every effort to create a safe and secure environment, and that while unfortunate they can’t prevent 100% of the bad guys all the time.
I strongly disagree, this type of auctions should not have even been possible, and there is no telling how many people were caught with this phishing attempt when the user tried to report the auction.
Although eBay shut them down very quickly, the auction should not have been allowed.
The moral of this, don’t think for a second just because you may be seasoned online or know how to protect yourself that this can’t happen to you. BE SURE you watch where you are going and pay attention when you log into areas that could have financial consequences if compromised.
I have been online sine 1995 and an eBay user since 1999, and I thought something like this could never happen with how safe I am online. The one thing that saved me here was the quick change of the password.
Stay Safe . . . Scott
| Digg it | FURL | +Google | RawSugar | Slashdot | Y! MyWeb
Boise Tweets