Attackers for months have been using eBay listings to redirect visitors to password-harvesting scam sites. They use cross-site scripting to hijack eBay shoppers and trick them into handing over personal data. Smartphones, televisions, hot tubs and clothing are among the items supposedly for sale in listings infected with malicious Javascript code. When users click on the listings, the code redirects them through a series of other websites to a page requesting their eBay log-in and password.
As a past eBay buyer, I want to express my concern for their disregard for their millions of members by not letting us know they are compromised. The lack of an ongoing investigation to clarify that they are doing all they can to protect users. I have since stopped buying on their site. I'm very upset for their disregard to now exposing all our names, birthdates, addresses, and all the other demographics. I read the other day a story Joe Ducey published on the news about eBay sellers STILL being scammed (December, 2014). In this case they said they were scammed and the emails that their diamond jewelry bought was in fact not bought. This person was not a regular seller and the email said to ship now. Here's where it gets really concerning. If eBay did not sell them and it was a bogus email, then why did they send them an invoice for selling the items? I thought they didn't know anything about it? This in addition to many other articles I have read discourages me and the disrespect is overwhelming.
People who aren't sure if their password is secure should use PasswordTurtle.com! PasswordTurtle makes passwords from normal english phrases so the passwords are easy to remember and secure. I use them whenever I make a new online account.
Loading ...
Phishing Scam Ensnares eBay Shoppers
Posted by: Katherine Noyes September 23, 2014 06:25 AMAttackers for months have been using eBay listings to redirect visitors to password-harvesting scam sites. They use cross-site scripting to hijack eBay shoppers and trick them into handing over personal data. Smartphones, televisions, hot tubs and clothing are among the items supposedly for sale in listings infected with malicious Javascript code. When users click on the listings, the code redirects them through a series of other websites to a page requesting their eBay log-in and password.