My e bay account has been hacked and a number of very expensive items with very short sale times were listed under my user name.
I have contacted e bay and "will get a reply in 24 to 48 hrs" which is way after the listings , which have bids on them already have finished.

I have 100% feedback and dont want to loose this.

I have never given my passwords to anyone or have them written down anywhere.
The goods are all for sale in the USA and not the UK

Any advice?

The only 'advantage' I can see for the fraudster is to hack your PayPal account or whatever you use. Beware!

Here's two contact numbers for ebay in the US. You can use skype to call them for free.


+1-800-322-9266
+1-888-749-3229


HTH

Michael

You could always cancel the auctions, assuming you still have access to your own account.

Jim, just a thought - you haven't responded to any of the 2phishing" emails purportedly from ebay? Some of them are damn good!

Easy enough to spot, though - just check the URL that you are "invited" to click - if it is not ebay.co.uk or ebay.com, then it's a phish.

SD

Heres an update.

I reported them to e bay. I then went on the new e bay chat help and e bay actually telephoned me from Utah!! to verify they were talking to me in the UK.
It occured to me that "they" could be part of the scam, but hey...whatever. Anyway, they removed all the non jim sales and whilst we were dealing with this the sales all re appeared on e bay again.

All removed again and my e bay details have all been changed. Investigation started.

No I have never fallen for a phishing scam....

I then e mailed the git who was doing the sales, and the silly sod responded!!:eek:

I warned him to keep looking over his shoulder as I knew where he was and that I hoped he like hospital food. :E Even if I am in the UK and he (or she) is in the USA!!!

I hate this sort of thing and it appears to be happening far too often. For those who know a bit about eBay and phishing etc it is a bit easier - but I feel sorry for the people who may not know much about the Internet etc and can fall for these scams easy.

My girlfriend (now well educated on the subject by moi) was actually on her way to the post office ready to post a phone to Nigeria - without even knowing anything about the auction, I told her to stop and that it was a scam. Money had been promised but not actually sent. These :mad: get away with it too easily and for that reason I think eBay is eventually gonna go down the swanny :*

Hope you manage to resolve your issue - it's probably some spotty half wit sat at his computer, if so then I think you scare tactics are probably gonna work!

Maz :ok:

Interesting -

As far as I know, the only way to "use" your account is to either crack the password (guesswork or brute force), or else obtain the password by a keyboard logger or other spy software installed on your PC.

I would tighten up your firewall, AV and anti-spyware defences, just to be on the safe side.

How can the items be for sale in the US if your account is registered in the UK? And what benefit would it be to the "seller" if payment were sent to you?

I wonder if it is possible for ebay's systems to allow a near-simultaneous registration of accounts with the same name in different countries, which then get "merged" when their systems replicate information.

SD

I don't believe there is any problem in selling on eBay.com if you are registered on co.uk.

Frosty, that's not the point - the account is registered in the UK, so even if the item is listed on ebay.com, the seller is still registered (and the item located) in the UK.

Let me offer a really good simple tip for Ebay users.

Make your Ebay email address different from every other email address you use.

So if your name is Joe Bloggs, and say you use yahoo email, and your normal email address is [email protected], then knock up [email protected].

If you have your own domain, say bloggs.co.uk, then use [email protected] normally, and use [email protected]. Or [email protected]. Etc.

Then, in your email program, set up a filter on the incoming emails so that only the "ebay" addresses end up in a box called "Ebay".

Then spam pretending to be from Ebay is instantly recognisable as such.

The most likely way somebody's Ebay account was hacked is by phishing. The idea behing a good pfish is for the target to net realise it even afterwards. The pfish site will redirect you to real Ebay immediately, even very kindly logging in for you (they have just captured your login+pwd, after all) so you know nothing about it.

The other thing, never enter Ebay by clicking a link supplied in any email. Always select it from your Favourites, or better still always type in the full URL each time.

My account was similarly hijacked earlier this year. I e-mailed spoof @ebay.co.uk straight away and they sorted it in hours. What the hijacker can do, having short-auctioned an expensive item, is get the money and run. The winning buyer then expects the true owner to either supply the kit or give a refund.

The only think I can thing of that compromised my details was my use of Auctionsniper.com (bids for an item as close as you want to the end of auction when you're not around to do it). I'd used it before successfully but, on this occasion, it needed my eBay password (as it would, to bid). Anyway, Mr Dummy's not doing that again.

GBZ

I've thought a lot about this and couldnt see any benifit to the fake seller.
BUT:

I got lumbered with the £153 charges for hosting the sale (refunded by e bay)
and the seller just phones up or e mails the bidder and says .."Hey man, send me cash and I'll knock 10% off so I dont pay charges" so he wins wins....

Frosty, that's not the point - the account is registered in the UK, so even if the item is listed on ebay.com, the seller is still registered (and the item located) in the UK.


I was responding to the 3rd para in your previous post, SD.

The other thing, never enter Ebay by clicking a link supplied in any email. Always select it from your Favourites, or better still always type in the full URL each time.
That's the best bit of advice you can ever hear for eBay - so many people click on links from their email, which is understandable as they are hoaxed so well :mad:

To help avoid phishing scams get a spoofstick. (http://www.spoofstick.com/)You can get a Firefox and/or an IE version.

copied from www.isc.sans.org (http://www.isc.sans.org), this might affect quite a few people if you're not VERY careful indeed. It's worrying that Paypal may have been severely compromised!!!!


Pay Pal Phlaw?

We've recieved a report of a potential flaw in the PayPal website that is being used to steal credit card and other personal information from PayPal users.

The scam works by tricking users into accessing a URL hosted on the genuine PayPal web site. The URL uses SSL to encrypt information transmitted to and from the site, and a valid 256-bit SSL certificate is presented to confirm that the site does indeed belong to PayPal.

When the victim visits the page, they are presented with a message that has been 'injected' onto the genuine PayPal site that says, "Your account is currently disabled because we think it has been accessed by a third party. You will now be redirected to Resolution Center." After a short pause, the victim is then redirected to an external server, (apparently somewhere in Korean IP space) which presents a very convincing fake PayPal Member log-In page.

Logging in sends the PayPal username and password to the bad guys and causes another page asking for more information (social security number, credit card number ...) to remove the limits on the access of thier account.

More to come as we confirm information.

Thanks for spoofstick. I've never been caught yet (being a careful bunny), but it's nice to have that extra safeguard.

Yeah you have to be uber-careful these days - I had a friend whose account was hijacked and it put him off using eBay for life! :D

Edited to remove commercial advert

It is worth anyone who buys and sell on the internet to have a good look at this excellent website:

http://www.419eater.com/

I nearly got caught out by a scam, and the UK Police were useless, be warned.

I have downloaded Spoofstick, but there is no visible change in my Firefox ‘hello screen'.

It states that Spoofstick now has a button not a bar. No such button is visible.

I have nothing in ‘downloads', but the screen ‘ Tools—Extensions' shows the item and ver #, along with the un-install option. All indications are that it is running in the background somewhere.

However, there is no change to my Firefox screen, and going to tools etc does not indicate where I can drag what from where.

Any help would be appreciated. LR

That's funny LR, I was just going to say exactly the same thing!

GG

Have you checked to see if anything has been added to Tools>>Options?

I'm so glad that I'm not alone...one is feeling a severe absence of brain-cell activity these days.

There is no reported action in (The excellent ) Process Explorer or Task manager on selecting oft used sites, etc.

Have you checked to see if anything has been added to Tools>>Options?
Looking ......... No, nothing seems to have changed
Edit:

Please in my next life may I be gifted with a brain.

The garage doors rumbled open and the Rivetess appeared with g-son in one hand and a tonne of shopping in the other.

She has the ability to turn her head as fast as the King in Freecell, but with a change of expression: big smile for him...and a glare for me. I nervously asked if she would look at the problem. On the way to the den she trust various items at me until my arms were full. She explained that the house was not a dumping ground for my junk. Still, all was not lost, I know from long experience that she is at her most brilliant in full Demonic mode.

Menus flew around the screen and in 15 secs she said, ‘So what's that?!' Twas the Spoofstick logo.

I had gone to --view-- toolbars-- customize BUT I HADN'T SCROLLED DOWN....and if only it was for the first time. :ugh: :ugh: :ugh:

We dragged it onto the Firefox Bookmarks toolbar. However it took up too much space, and I certainly did not want to waste screen space with another toolbar. Editing the names of all other items...set to small of course....allowed me to get everything in the space. Spoofstick allows the removal of extraneous words as well.

Frankly, I don't need many buttons. Just one huge one in the middle of the screen would do...‘Pprune'

Thanks LR - I don't think I've ever explored the depths of the View - Toolbars commands before!:uhoh:

GG