Skip to main content

38 replies

ebay identity compromised

Replies sorted oldest to newest

J jabbergahMember
quote:
he does not have a clue how it happened.
Eek Sure wish we could figure out what was done so we'd have an idea how to prevent it! Eek
quote:
His email was on yahoo, if that helps you any.
Oh GREAT!! Roll Eyes I use yahoo e-mail, too! I can't see how a weakness in yahoo e-mail security could result in access to an ebay account. I would think it would have to be the other way around.
quote:
He doesn't sell on Ebay much or buy much.
Maybe this is the key??? Hi-jackers look for ebay accounts with LOW activity to hi-jack & use? Still don't know how the hi-jackers get access, though. Confused
mrsmmrsmMember
Jabber, I just talked to him. He said he opened an email that said his account had been compromised on Ebay. He filled out everything until it asked for his credit card and then stopped and deleted it. Maybe that is where the trouble began. Wherever they got the information, they knew that his Ebay was linked to his yahoo. The names and passwords were nothing alike.
region2region2Member
quote:
Originally posted by Mrs.M.:
Jabber, I just talked to him. He said he opened an email that said his account had been compromised on Ebay.
Here's your answer...

[_phishing_]

I've known even sensible people fall for this scam.

Another method is a trojan that records key strokes - hey presto, they have your ID and PASSWORD and can do what they like.

The chances of a big organisation getting hacked and the saved IDs and encrypted passwords being stolen are small. The chances of a home PC having a trojan or a naive user supplying a scammer with the info she/he needs are much, much higher.

So, keep ad-aware running (it's free), make sure your AVG virus checker (it's free) is up-to-date and don't give your personal details to any organisation after receiving an email from them.

I despair... Frown

R2
S snipersarabAuctionSniper Support
I agree the most likely way your password was nabbed was either from a phishing scheme, or from a trojan.

Get youself Adware from download.com It's free.

Then make sure to never click on emails that look like they are from eBay. I get a half dozen or dozen a day at my support emails. It's a horrible bad problem.

Also use different passwords at each site you use. I know it's a pain but write them down on a small notepad or such and keep it with your computer and then they aren't so hard to remember.
T toodlesMember
Thanks for the compliment Mrs. M! Smile Yes, we are nice in Tn. Well I have all the things everyone suggested, i.e. ad-aware, spybot, antivirus with auto update, firewall (not the windows xp one)- my machine is checked for viruses all the time. I'm at a loss for answer. My email was not bothered - suggested I change my pw after the go round with Ebay. Off to Chi Town with friends for five days of shopping and a few drinks to toast the holidays. Bye for now.
T tomikeMember
Twice I've had my E-Mail Address changed, on my pay pal account( e-bay)company......by LAPTOPSELLER@yahoo, e-bay and paypal did nothing..... YAHOO security informed me that they've suspended his account, but they just create new identies.... in the bogus email to you, they also ask you to verify your account info, and credit card info.... don't ever give out info to an un solicited e-mail... i changed my email back because of the secret question, etc.... that tactic is used to get your attention, in hopes you will provide credit card info. out of the confusion of having your e-mail address changed..- hope this helps....
T tomikeMember
dude , it's happened twice....
dude, this blog was rec'd from paypal- you need to think before you open your tin can mouth......
Wed, 14 Jul 2004 19:32:02 -0600 3“laptopseller@yahoo.com” spoof email. Every time someone attempted to log in, the information they entered would be at the bottom of the text file. I could refresh every minute or so and there would be new user information. Unfortunately, some people entered their credit card info also. This is not the first time these same thieves have used this spoof email and text file. they were shocked that there was a text file with all of the stolen data that could be viewed by anyone with internet access and immdiately started investigating. They got the site shut down within a few hours of my report. I thought it was over and done with until I received the same spoof email a couple of days later. I started exploring the site again and found the same base file with new entries for July 8th & 9th. I reported it to PayPal and it was shut down quickly. Then again today, I received the same “laptopseller@yahoo.com” spoof email. This time, the thieves had changed their domain slightly, but still had the same setup with the text file. I found it within minutes of the site going up and immediately notified PayPal. By now, they have me working directly with their fraud department, so the spoof site shut down was only minutes after my report. They are bound to repost their site again on another server, maybe with a slightly altered domain name, but they will probably use the same text file, which I will find and report. I’m sure they will use the same base text file(June 2nd & 3rd entries) that will be added to as users attempt to log in in response to the “laptopseller@yahoo.com” email. The easily viewable text file allows the thieves to be anywhere in the world and view and save the data anonymously without having to log into a server. The text files I have saved for PayPal have thousands of entries from PayPal users. I have notified hundreds of users on the list to inform them of the situation, but that is just the tip of the iceburg. If you know someone that feels that they may have been fooled by the spoof email and may have entered valid private information, I can search the text files for their PayPal email address and provide the data saved in association with that address. They need to check their PayPal account and credit card for suspicious activity if the data on the text file is valid. Hopefully, these crooks will be caught soon!
D dzigrrlMember
Wow, I just read this whole topic and now understand a couple things that just happened. I, too, got that phishing email -- and it was extremely pro & clever AND I KNOW BETTER!! (and have Spybot + AdAware + TrojanCleaner Monitor, etc. running)
I don't think I clicked the link, and I definitely forwarded it to eBay.
But then I got the notification from eBay that my acct really HAD been compromised and to change my password for real. Still don't know what, exactly, that means b/c whoever might've "compromised" it would be competing for the acct's use w/me cuz I'm always on!
Anyway, happy sniping!
D.
rickrickMember
quote:
Originally posted by Dzigrrl:
(and yes, I did change my acct on here to match -- several times, to make sure!)
You may already know this, but you can always run Import Wizard to verify your password. Import Wizard can’t bring in the auctions from your watch page unless ID & password match.

Someone suggested that AS add a button to allow users to check this. What's your thoughts on this suggestion?
D dzigrrlMember
quote:
Originally posted by Rick:
quote:
Originally posted by Dzigrrl:
(and yes, I did change my acct on here to match -- several times, to make sure!)
You may already know this, but you can always run Import Wizard to verify your password. Import Wizard can’t bring in the auctions from your watch page unless ID & password match.

_Someone suggested that AS add a button to allow users to check this. What's your thoughts on this suggestion?_


Thanks Rick. Wasn't aware of that. Think ebay was just screwy (not ebay! Wink )
A amwMember
Hi all,
I'm looking around this forum for the first time. Have used AS for a year or so since a seller told me about it.

I just couldn't help myself, even if this thread is quite old...

I feel real happy that I have a Mac when I hear about all these problems people have... I haven't had any problems whatsoever (knock on wood) since I went online around 10 yrs ago... The punks and fraudsters seems to consentrate on Windows... I do get lots of phishing mails though, but I have been lucky in that I know what they are.

I really don't understand though. I got a new e-mail address, and hadn't given it to anybody. Just used it on eBay. It sure didn't take long until the phishing mails came. The only people that had got the mail address, was eBay sellers. To be sure I had my disk scanned, but no things that doesn't belong there (Spyware etc.).

So some of you think 10% sales tax is a lot? Where I live, we pay 24% sales tax... And prices are higher too...

Can you tell I love to buy on eBay? Only cheap things though - customs tries to get us to buy here, if the value is over $28-29, we have to pay sales tax on it, plus on the postage, plus a processing fee...

Because of these things, AS is a godsend, I sure don't want to push prices up. Smile

Add Reply

Post

Membership Required

We're sorry. You must be signed in to continue. Sign In or Register
×
Are you sure you want to remove from your Block List?
×
Loading...
×
When you block a person, they can no longer invite you to a private message or post to your profile wall. Replies and comments they make will be collapsed/hidden by default. Finally, you'll never receive email notifications about content they create or likes they designate for your content.
Note: if you proceed, you will no longer be following .
×
Link copied to your clipboard.
×