Poorly Trained eBay Anti-Fraud Employees Tell eBay Customer to Visit Phish Site

[mandy]

I reported a phishing attack last week. Nothing new there.

A scammer put up a fake eBay site and sent spam encouraging people to go there. Predictably, it prompted for the user's eBay username and password. Both the email and the website were very credible-looking. Nothing new there, either.

Naturally, I reported the attack to spoof@ebay.com, expecting them to work with the host of the fake website to take it down quickly. Three days later, I received a reply, basically telling me I'm an idiot because this email was in fact sent by eBay...

full article: http://richi.co.uk/blog/2...-phishing-desk-sucks.html

[mandy]

Infoworld picked up this story:

On Monday, an eBay spokeswoman confirmed that the e-mail message was indeed part of a fraud, but she could not explain why it had initially been identified as legitimate. "I don't know the answer to that," said spokeswoman Amanda Pires. "I'm assuming right now it was just an error."

full article: http://www.infoworld.com/...2/05/HNebaytricked_1.html

[xppman]

"I don't know the answer to that," said spokeswoman Amanda Pires. "I'm assuming right now it was just an error."

[mandy]

Another related article on this phishing email:

Phishers Slip Through Web Loopholes

As shown by a recent attempt on customers of online auctioneer eBay, phishers can still cause serious headaches despite increasing consumer awareness. 

 Despite the continued efforts of researchers, security providers and online businesses to discourage phishing schemes and shut down related Web sites, some criminals are still able to flout the system and find ways to keep their illicit operations up and running.

An example of one type of phishing attempt that still manages to frustrate do-gooders appeared online in early November, in the form of a Christmas-themed Web site that mimics the name, look and feel of online auctioneer eBay Inc...

full article: http://www.eweek.com/arti...le2/0,1895,1897025,00.asp

[richi]

This is the Richi Jennings from the article. There's more to the story; it continues at www.richi.co.uk

[bargainbloodhound]

Hi Richi 

I'm glad that the publicity forced eBay and Verisign to put a little more effort into getting the site taken down.  Its amazing what a little bad press can accomplish with some of these companies.

I think part of the responsibility for the current severity of the phishing/spoof problem lies with the often slow response times of the companies that are spoofed.

The first phishing site I ever saw was about 4 1/2 years ago:  someone had spoofed an AOL account page and was using a free home page on Tripod to host it and after the people entered their info (the page requested credit card numbers, drivers licenses, social security #'s, etc) an emailer sent the info to a hotmail account.  I reported the site to Tripod, AOL, and HotMail.  It took Tripod over 3 weeks (and several emails from me and others) to take the site down.  I never did get any response to any of my emails from AOL.

[Tags:]

Jump to: Please select a destination: ----------------------------- TulipTools Announcements and News ----------------------------- => TulipTools Announcements and News ===> Suggestions, Bug Reports, etc ----------------------------- Advertising, Affiliates, and Marketing ----------------------------- => Advertising, Affiliates, and Marketing Discussion ===> Web Site Revenues: Advertising, Affiliate Programs, and Marketing for Site Owners =====> Affiliate Programs for Publishers =======> Amazon Affiliates =======> Commission Junction =====> Google AdSense =====> Other Ad Networks =====> PayPerClick Networks =====> Yahoo Publisher Network =====> Affiliate Program Announcements =====> General Advertising, Affiliates, and Marketing for Site Owners ===> Advertising and Marketing Your Product, Service, or Web Site =====> Affiliate Programs for Advertisers =======> Affiliate Networks =======> Affiliate Program Software =====> Email Campaigns and Newsletters =====> Google AdWords =====> Microsoft AdCenter =====> Offline Advertising and Marketing =====> Other Online Advertising and Marketing Techniques =====> Pay Per Click Networks For Advertisers =====> Yahoo Publisher Network for Advertisers =====> Advertising, Affiliates, and Marketing Announcements =====> General Advertising and Marketing Discussion ----------------------------- Blogs and Blogging, Web 2.0 ----------------------------- => Blogs and Blogging, Web 2.0 ===> Blog Networks =====> Entrecard ===> Blog Software ===> Free Blog Hosting Services ===> Blog Link Exchange ===> Community Building and Social Networking =====> Facebook =====> LinkedIn =====> MySpace ===> Podcasting ===> RSS Feeds ===> Social Bookmarking =====> Digg ===> Wikis =====> Wikipedia ===> Blogging and Web 2.0 Announcements ===> General Blogs, Blogging, and Web 2.0 Discussion ----------------------------- Computer Hardware, Networking, and Gaming ----------------------------- => Computer Hardware and Equipment, Networking, and Gaming ===> Computer Accessories ===> Computer Gaming ===> Computer Hardware ===> Desktop and Laptop Systems ===> Hardware Technical Support ===> Networking and Servers ===> Computer Hardware and Services Announcements ===> General Computer Hardware Discussion ----------------------------- Domain Names ----------------------------- => Domain Names ===> Domain Name Appraisals ===> Domain Brokerages and Auctions ===> Domain Name Development ===> Domain Name Legal Issues ===> Domain Names Registration and Registrars ===> Domain Name Reselling ===> Domain Parking ===> Domain Selling ===> Expired Domains ===> Domain Name Announcements ===> TulipDomains Support Forum ===> General Domain Name Discussion ----------------------------- Ecommerce ----------------------------- => Ecommerce ===> Ecommerce Holiday Shopping ===> Hosted Shopping Carts and Stores =====> eBay ProStores =====> Yahoo Stores ===> Inventory Management ===> Merchant Accounts ===> M-Commerce ===> Online Payment Services =====> Google Checkout: Google Payments and GBuy =====> PayPal ===> Packaging, Shipping, and Fulfillment ===> Shopping Cart Scripts and Software =====> CubeCart =====> Magento =====> osCommerce, osCMax, and CRELoaded =====> VirtueMart/Joomla =====> X-Cart/LiteCommerce/CS-Cart =====> ZenCart ===> Shopping Comparison Sites =====> Froogle =====> Yahoo Shopping ===> Wholesalers and Dropshippers ===> Ecommerce Site Link Exchange ===> Ecommerce Site, Service, Product Announcements ===> General Ecommerce Discussion ----------------------------- Financing, Investment, Startups, and Venture Capital ----------------------------- => Financing, Investment, Startups, and Venture Capital ===> Business Planning and Development ===> Business Plans ===> Small Business Financing ===> Venture Capital ===> Financing, Investment, and Venture Capital Announcements ===> General Financing, Investment, and Venture Capital Discussion ----------------------------- Global Internet and International Trading ----------------------------- => Global Internet and International Trading ===> Global Internet Business Expansion ===> International Trading: Import/Export =====> Customs and Tariffs ===> Global Internet and International Trading Announcements ===> General Global Internet and International Trading Discussion ----------------------------- Graphics, Ajax, HTML, Multimedia, Web Design ----------------------------- => Graphics, Ajax, HTML, Multimedia, Web Design ===> Graphics and Multimedia =====> Audio, Video, and Multimedia =======> YouTube =====> Digital Photography and Cameras =====> Flash, ShockWave, and ActionScript =====> Graphics Design =====> Image Hosting Services =====> Imaging Editing Software and Other Tools =====> General Graphics and Multimedia Discussion ===> HTML, CSS, DHTML, Javascript, AJAX, and Coding =====> AJAX =====> CSS =====> HTML and DHTML =====> Javascript =====> XML Programming ===> Web Site Design =====> Browser Compatibility and Website Accessibility =====> WYSIWYG Editors and Other Tools =====> General Web Site Design Discussion ===> Graphics Design and Web Design Announcements. ----------------------------- Internet Access: Broadband, VoIP and Mobile Telephony ----------------------------- => Internet Access: Broadband, VoIP and Mobile Telephony ===> Broadband, ISPs, and Internet Access ===> Mobile Telephone Industry and Products ===> VOIP Internet Telephone Services =====> Skype ===> VoIP and Mobile Telephony Announcements ----------------------------- Internet Business Legal Issues ----------------------------- => Internet Business Legal Issues Discussion ===> Contracts ===> Copyrights, Patents, and Trademarks ===> Privacy ===> Slander and Libel ===> State, Federal, and International Laws ===> Internet Business Legal Issue Announcements ===> General Internet Business Legal Issues Discussion ----------------------------- Internet Business Management and Human Resources Issues ----------------------------- => Internet Business Management and Human Resources Issues ===> Accounting and Finance ===> Customer Service and Help Desk ===> Dot Com Busts ===> Dot Com Life ===> Human Resources and Employee Management ===> Insurance ===> Taxes ===> Internet Business Management Announcements ===> General Internet Business Management Issues Discussion ----------------------------- Online Auction Industry, B2B Trading Sites, Classified Ad Sites, Fixed Price Venues, and Malls ----------------------------- => B2B Trading Sites ===> Alibaba ===> B2B Industry Product and Service Announcements => Barter, Swap, and Haggle Sites ===> iOffer ===> Barter Industry Product and Service Announcements => Classified Ad Sites ===> Craigslist ===> Google Base ===> LiveDeal.com ===> Windows Live Expo ===> Other Classified Ad Sites ===> Classified Industry Product, and Service Announcements => Fixed Price Venues and Malls ===> Amazon Marketplace, Seller Central, and Auctions ===> Ecrater ===> Etsy ===> Media Selling Venues: Books, Music, Movies ===> Other Fixed Price Venues and Malls ===> Fixed Price Venues Product and Services Announcements => Online Auction Industry Discussion ===> Auction Sites =====> AuctionCities.com =====> Bid-Alot =====> BidChaser Marketplace =====> BidVille and uBid =====> eBay =======> Class Action and other Lawsuits, VERO Complaints =======> Frauds, Scams, and Rip Offs =====> eBid.net =====> Overstock Auctions =====> QXL Ricardo =====> Tazbar =====> Trade Me =====> Yahoo Auctions =====> Other Auction Sites ===> Auction Software and Services =====> Tools For Auction Site Owners =====> Tools For Buyers =====> Tools for Sellers =======> Auction Management Services =========> Marketworks and ChannelAdvisor ===> General Online Auction Industry discussion ===> OAI Product and Services Product Announcements ----------------------------- Operating Systems, Browsers, and Email Clients ----------------------------- => Operating Systems, Browsers, and Email Clients and Services ===> Email Clients and Services ===> Internet Browsers =====> Internet Explorer =====> Mozilla Browsers: Firefox, Mozilla, Netscape =====> Opera =====> Safari ===> Operating Systems =====> BSD =====> Linux =====> MAC =====> Unix =====> Windows ===> Operating Systems, Browser, and Email Announcements ----------------------------- Programming and Databases ----------------------------- => Programming and Databases ===> ASP ===> C/C++ ===> Cold Fusion ===> Databases =====> MySQL =====> Oracle =====> PostGres ===> Java/JSP ===> .Net Framework ===> Perl ===> PHP ===> Python ===> Ruby on Rails ===> WAP and WML ===> Programming and Databases Announcements ===> General Programming Discussion ----------------------------- Search Engines, Directories, SEO, and Site Promotion ----------------------------- => Search Engines, Directories, SEO, and Site Promotion ===> Backlinks ===> Internet Directories =====> DMOZ/Open Directory Project =====> Yahoo Directory =====> Other Directories ===> Keywords ===> Search Engines =====> Ask.com =====> google =====> MSN Search =====> Yahoo Search =====> Other Search Engines ===> Search Engine Optimization Techniques ===> General Search Engine Promotion Techniques ===> Search Engine Industry Product Announcements ----------------------------- Security ----------------------------- => Internet Security ===> Email: Spam, Spoofs, and Viruses =====> Spam ===> Network Protection and Firewalls ===> SSL Certificates ===> Web Server Security ===> Internet Security Announcements ===> General Internet Security Discussion ----------------------------- Software and Scripts ----------------------------- => Software and Scripts ===> ASP and ASP.NET Scripts ===> CGI and Perl Scripts ===> Content Management Systems ===> PHP Scripts ===> Other Scripts and Software ===> Remotely Hosted Scripts and Services ===> Software and Scripts Product Announcements ===> General Discussion of Software and Scripts ----------------------------- Web Hosting and Web Servers ----------------------------- => Web Hosting and Web Servers ===> Dedicated Servers and Co-Location =====> Co-location =====> Dedicated Servers ===> Shared Web Hosting and Virtual Private Servers =====> Free Web Hosts =====> Shared Web Hosting =====> Virtual Private Servers (VPS) ===> Web Hosting Industry ===> Web Hosting Resellers ===> Web Hosting Software and Control Panels ===> Web Hosting Product and Service Announcements ===> TulipHosting Pre-Sales Forum ===> General Web Hosting and Web Servers Discussion ----------------------------- Webmaster Issues ----------------------------- => Webmaster Issues ===> Apache Web Server ===> DNS and Name Servers ===> Traffic and Log Analysis ===> Web Site Content and Content Creation ===> WebMaster Announcements ===> General WebMaster Issues Discussion ----------------------------- Web Site, Product, and Service Reviews ----------------------------- => Web Site, Product, and Service Reviews ===> Ecommerce Store Reviews ===> Product Reviews ===> Service Reviews ===> Web Site Reviews ----------------------------- Product, Service, Web Site Announcements ----------------------------- => Product, Service, Web Site Announcements ----------------------------- Member Showcase Mall ----------------------------- => Member Showcase Mall ----------------------------- Bottom of the Board ----------------------------- => Bottom of the Board Completely Off Topic ===> Bad Jokes Atrium ===> Bats, Cats, Dogs, and Squirrels ===> Guess What I'm... ===> Nothing But Movies, Music, and TV ===> The Brixton Brawlers Club =====> The Spammers Penalty Box ===> The Happy Fluffy Chit Chat Club ===> The Welcome Wagon ===> TulipTools Trivia Contests ===> Bottom of the Board Announcements