I got an email from Ebay this morning (and it was from Ebay), confirming my request to reset my password. I haven't done that, so it looks as if someone has tried to get into my account. Helpfully, Ebay provided the originating IP address: 62.232.41.217, which sure isn't mine.

Obviously I've ignored the request, however, I'm now left wondering how secure my Ebay account is. Obviously I have a username & a password & whilst changing my password is easy enough, a complete change of details would wipe my history & therefore my reputation as a buyer & seller. Presumably, one would have to have only my username to request a password reset & that is the basis of the attack, but could they somehow garner my details after that attempt??

I take it you can still access your e-bay account? If so then the attempt failed. Might be a good time to beef up the password a bit.

info on that IP address

inetnum: 62.232.41.128 (http://samspade.org/whois?query=62.232.41.128;server=auto) - 62.232.41.255 (http://samspade.org/whois?query=62.232.41.255;server=auto)
netname: UK-PIPEX-NETVISION-1
descr: Netvision-1
country: GB
admin-c: GC2114-RIPE (http://samspade.org/whois?query=GC2114-RIPE;server=whois.ripe.net)
tech-c: HM655-RIPE (http://samspade.org/whois?query=HM655-RIPE;server=whois.ripe.net)
status: ASSIGNED PA
mnt-by: AS5519-MNT (http://samspade.org/whois?query=AS5519-MNT;server=whois.ripe.net)
mnt-lower: AS5519-MNT (http://samspade.org/whois?query=AS5519-MNT;server=whois.ripe.net)
mnt-routes: AS5519-MNT (http://samspade.org/whois?query=AS5519-MNT;server=whois.ripe.net)
source: RIPE Filtered
role: Hostmaster Contact
address: PIPEX Communications
address: The Hinshelwood Building
address: Edmund Halley Road
address: Oxford Science Park
address: Oxford
address: OX4 4GB
address: United Kingdom
phone: 44 870 909 8181
fax-no: 44 1865 778 160

Thanks GG, did the same check & have complained to gxn.

The premise behind the emailing is that only the person who has access to the inbox of the email address associated with that account can view the newly reset password.

Anyone can go to the site and click on the "I've forgotten the password for my account named XYZ, please email me a new one".

Complaining to the ISP won't help as there's little likelihood of abuse here. I frequently get password change requests for a different site because my username is 'Rob'. People forget their username, try logging in as 'Rob' with their password and it doesn't work, so they request a password reset.

So you should be safe. That said however, it would be a good idea to make the password a safe and secure one.

I too could not see how the benefit of attempting to reset my password could accrue to a third party, hence the question. I have reported it however, since it is highly unlikely that someone would asccidentally attempt to log on s me & the go on to reset my password, so if it results in a crafty sod getting an email that says WE SEE YA, then so much the better.

GG

How do you go about getting that info from an IP address?

CC

How do you go about getting that info from an IP address?

Go to http://samspade.org/ and feed the IP address into the box. You can if you want also down load the program that allows you to do the same plus tracing routes, checking black listings etc.

GG

Thans very muc for that. Learn something new every day:ok:

CC