eBay scammers and phishing

kasia in a nutshell had the unpleasant experience of a scammer using her lovely photo of a lake to sell some land on eBay.

Follow her wonderfully nasty solution via the link,

As an eBay Power Seller I hate throw away bidding accounts. But throwaway scammers are worse. It would have been tempting to bid the scam up to $50K or so. That would have excited the scammer too much and prevented some innocent buyer getting caught.

While I disagree with Kasia and think eBay do care about crud like this, they don’t adequately resource their copyright infringement section. The listing was pulled eventually most likely because it smelled like a scam. My company has been an inadvertant copyright thief on eBay once and the listing was pulled. But the time our own image was stolen eBay didn’t do anything before the auction finished, so the seller got a free run on our photograph.

Most eBay buyers and sellers are honest but there are enough horror stories out there to make new users pause and wonder if it is safe. Buying online with an Australian credit card is remarkably safe when you deal with an established company. The consumer protection built into Australian issued credit card are quite strong.

The second related story comes from an email scam I received today. It claimed to be from eBay’s security department and included executable attachment called eBayProtection.exe

This is almost certainly a keylogger or some other scam to capture your eBay details. This is called phishing – a fake email supposedly from a trusted company directing you to run some software or click on a link for the purposes of getting your login details. Financial institutions and online transaction companies will never ask you to run an executable like that, normally they won’t even include a link to the specific login part of their site.

Always type in the full URI of website into your web browser, and login normally. If there is a security problem with your account you’ll find out immediately via the site.

Should you ever accidently click on a phishing link the page you get will probably look exactly like your bank (or eBay or Paypal) but the beginning part of the address may have numbers or be a mispelling of the site (in your browswer’s address bar). Just close your browser and forward the email to the webmaster at the financial institution. This last step is important in the fight against phishing – customer noise makes them do something about it.

Leave a Reply

Your email address will not be published. Required fields are marked *