eBay Motors Redirect Security Hole Allows Scammers to Hijack Buyers
|
10-23-2006, 03:41 PM,
Post: #1
|
|||
|
|||
eBay Motors Redirect Security Hole Allows Scammers to Hijack Buyers
Quote:On the 4th of October 2006 a buyer who had been scammed on ebaY Motors using a second chance offer and had previously reported the scam to ebaY, was told that ebaY was not responsible, quoth the email, " Please keep in mind that we do include information on the messages sent through our system as well as on our site that state items should not be purchased outside of the eBay platform and should not be paid for using Western Union." The problem is, that as far as the buyer knew, the purchase WAS made on the ebaY platform, by going to ebaY, through the buyers normal links - NOT an email link - logging on to ebaY - NOT a third party site - and clicking on the second chance offer on ebaY's listing page. When the page opened, the buyer then clicked Buy It Now, his personal information was populated into a confirm shipping address page with his name and address from ebaY's servers, and when he got to the Pay Now page he was given the option of Western Union Wire Transfer, which (unfortunately) he used... full article: http://auctionguild.blogspot.com/2006/10...acked.html |
|||
10-23-2006, 07:02 PM,
Post: #2
|
|||
|
|||
Re: eBay Motors Redirect Security Hole Allows Scammers to Hijack Buyers
What ebaY has always told users is that as long as you come to ebaY directly, and log in to ebaY directly, and complete the sale on ebaY, you are safe. This is no longer true.
|
|||
11-08-2006, 08:28 AM,
Post: #3
|
|||
|
|||
Ebay Redirect Phishing Scams Multiply
A followup article from The Auction Guild's email newsletter:
Quote:EBAY REDIRECT PHISHING SCAMS MULTIPLY http://www.auctionguild.com |
|||
11-14-2006, 09:38 AM,
Post: #4
|
|||
|
|||
18-month-old eBay Redirection Security Hole remains open
Another report of an unpatched redirection flaw on the eBay site:
Quote:A redirection script error on eBay's site remains open to abuse 18 months after The Register first reported it. full article: http://www.theregister.co.uk/2006/11/13/...tion_ruse/ |
|||
11-14-2006, 11:02 PM,
Post: #5
|
|||
|
|||
Re: eBay Motors Redirect Security Hole Allows Scammers to Hijack Buyers
OAI Moron Hall of Fame
<i>sell-thru is an irrelevant and illogical consideration.</i> -KaRay, owner of WP giving selling advice, 2006 <i>the site was 'NOT' hacked but the little script that had recipes on had the link altered</i> -Plunderhere Owner Mark Taylor after his site was hacked by a Chinese hacker gang, 2008 Some people have it like that, others dont. I do. -Probidscripts owner Spencer Osama Binweb Laden Ray bragging about his ability to scam the OAI without feeling any guilt, 2008. How does an auction site get buyers? -question asked at PSU by owner of auction site BidBeaver.ca, 2008 How do I get sales? -question asked at PSU by online store owner, 2009. I was told by my Tech. Support that my site dont really need SSL.. his servers are well protected and that info your providing to join aint really top secret information -owner of auction site TheTraderOutlet.com discussig his site's lack of basic security, 2009 |
|||
« Next Oldest | Next Newest »
|
Users browsing this thread: 3 Guest(s)