Email This Post Email This Post

Etsy Announcement Board Is Hacked Sunday Morning

Etsy is undertaking an investigation into how a spam message made its way onto the Etsy Announcement Board on Sunday morning. The incident followed a rash of complaints about spam being posted on the discussion boards, which some user call “spam slam.”

In a discussion thread about the problem that was initiated on January 30th, one seller noted spam posts appeared to be a “pretty regular occurrence” on Friday evenings after work hours.

A reader wrote to EcommerceBytes on Thursday night saying Etsy’s forums were flooded with Korean spam. “Pages of reposted Korean text by several posters. It’s only happening in the Questions and Discussion forums.”

Sponsored Link

The concern among users grew on Sunday morning when a seller posted a thread titled, “how the heck have the spammers gone into announcements.”

“This is getting ludicrous, how have they infiltrated the announcements,” the original poster asked. Another user responded, “Wow I think it is pretty obviously a bot then that is just breaking into the forums to post since we cant post in announcements.”

An Etsy moderator responded two-and-half hours later. “Looks like some of you saw a spam thread which was briefly posted in the Announcements section this morning. This thread has now been removed and we are currently investigating the matter. We appreciate you taking the time to report this issue to us.” She then closed the two-page thread to further discussion.

Etsy isn’t alone in experiencing discussion-board spam. In the summer of 2013, spammers were inundating the eBay boards with messages about adult services.

Etsy spokesperson Nikki Summer provided the following statement to EcommerceBytes on Sunday afternoon: “A spam thread was briefly posted in the Announcements section this morning. The thread has now been removed, and we are currently investigating the matter. Our team of security and operations engineers are always monitoring the site for bad actors and risks caused by events outside our community, and strive to ensure our community’s information stays safe. We take every report seriously, and in addition to thorough review of each case, we’re always working hard to develop new ways to automatically detect risks and protect our members.”

Update 2/24/15: Etsy said the posting was the result of human error and not a hacking incident, see the full statement in this EcommerceBytes Newsflash story.

Ina Steiner on EmailIna Steiner on LinkedinIna Steiner on Twitter
Ina Steiner

Ina Steiner is co-founder and Editor of EcommerceBytes and has been reporting on ecommerce since 1999. Send news tips to ina@ecommercebytes.com.


Leave a Reply