AuctionBytes Blog
Covering auctions, collectibles and marketplace selling.

The AuctionBytes Blog has been giving a voice to online merchants since its launch in 2005. Named one of the world's top 30 blogs in 2008 by "Blogging Heroes." Weigh in with your thoughts on the joys and pitfalls of selling online.
Mon Jan 19 2015 22:37:41

Another eBay Redirect Attack Leaves Sellers Vulnerable

By: Ina Steiner

In September, we wrote about an eBay cross-site scripting (XSS) vulnerability. The attack drew the attention of the BBC after a PowerSeller showed how hackers had placed malicious JavaScript code within product listing pages that redirected visitors to a spoof site in order to collect user names and passwords.

Today, an eBay user sent us a link to an eBay product listing page that was infected with a malicious embed. The listing was brought to his attention when a supposed buyer emailed him asking him to relist the item, even though it was not his listing.

"Searching for this item on ebay will redirect you to an ebay lookalike site requesting your password," he said.

We searched eBay.com for the item number and clicked through to the listing. After a few seconds (enough time to grab a screenshot of the listing), our anti-virus software popped up showing that the page was trying to redirect us to a German website and warning that it was a phishing website.

The reader said the listing had been active all day, and that eBay had been contacted about it hours before, yet the infected listing remained live on the site.

If you receive an email asking you to relist an item and pointing to a listing that is not your own, beware!

Readers Comments

by: Philip Cohen

Mon Jan 19 23:37:29 2015

eBay might get around to stopping this some time; but, there's no hurry as long as eBay is getting a fee from someone; in the meantime, shop on eBay: buyer beware ...

The eBay executive suite—where the incompetent mingle with the disingenuous, the malevolent and the outright criminal, and the just plain stupid ... http://bit.ly/11F2eas

by: Rexford

Tue Jan 20 07:17:45 2015

Let's see how long it will take eBay to comment.

Tick, tick, tick.

by: Gina

Tue Jan 20 10:45:04 2015

god....the potential horrors are beyond contemplation!
Last week my accountant's email got hacked...all her clients were sent emails asking them for money.  All Her Clients' emails are now available for sale to other scammers!  I won't do that to my clients!!!!

by: froggie

Tue Jan 20 10:47:55 2015

I got the same email late last week with the request to relist. First tip off for me was that I haven't listed anything to sell on ebay since last May.

I didn't click on the link in the email, but copied the item number of the listing that I was being asked to relist for the buyer.

I did an advanced search on ebay with listing number which brought up the exact same listing as you see in the screenshot.

Even if I were still listing and selling on ebay, no way I would ever click on a link in an email like the one I got, and then proceed to log in from the page that is produced.

And of course, I never ever sold anything like what was in the listing.

Beware not only on ebay, but beware of clicking any links in any email that comes to you from a supposed customer on ebay.

And this has been going on on ebay for YEARS! There's no excuse for it from a company as huge and with as much money as Ebay.

Here's an article on Threatpost from Dec, 2013 about this vulnerability on ebay.

http://threatpost.com/ebay-vulnerable-to-account-hijacking-via-xsrf/103311

by: elpereles

Tue Jan 20 10:51:45 2015

If the problem is only 1 auction or 1000s of auctions, I'm surprised eBay allows somebody to play with their site. lol

by: ellisdtripp

Tue Jan 20 11:05:24 2015

This happened to my account a year ago last November. I sell on eBay USA and the hacking came from the UK. The hacker listed about a thousand music related items. Same thing, users would be directed to another site where they would give their login data away. Another eBay user who saw the bullshit listings called me and alerted me to what had happened and I was able to get ebay to take down the bogus listings within an hour after they were posted. One poor individual did buy a pricey item and was screwed out of what he paid for it. Oh well. eBay obviously has security issues they are not properly addressing. Yes, shocking, isn't it?

by: ebay refugee camp

Tue Jan 20 11:27:38 2015

I wonder what would happen if a fire broke out at an ebay office, would that be taken care of immediately or would it burn for hours.

by: Terry in Texas

Tue Jan 20 12:29:39 2015

@ ELLISDTRIPP--your scam happened to me but about 3 years ago! i woke up one morning to find more than 1200 emails ''confirming my ebay listing''. of course, i hadn't uploaded any listings during the middle of the night while i was asleep. i'd also received 2 questions from potential buyers. the items were all high priced musical equipment. the big alert came from an email from someone that had purchased one of my ''guitar listings''. he told me that he had purchased/paid for this guitar a few months prior and had never received it.  he had been scammed.

i emailed back and told him my site had been hacked and it was not my listing. He told me he was keeping an eye on the scam artist and just wanted him to know he was watching. he told me he had contacted the NSA and scotland yard.

i clicked ''buy now'' on one of the listings to see where it took me. long page of explanations of ''how to purchase'' which involved a WIRE TRANSFER payment to the UK.

on the plus side, i immediately called Ebay Security and besides being in the USA, they took the listings down within an hour and worked hard to correct my site. The only time i've found customer support to be completely and timely helpful.

looks like that guy is still out there……...

by: Lois

Tue Jan 20 12:35:28 2015

I got one a week ago, from someone who asked me to relist the doll I had listed. Given that I had 15 dolls listed - the listings had expired - I asked which one? Never answered. Not anywhere in my messages from eBay, either.
Perhaps a less competent scammer?.....

by: Ric

Tue Jan 20 13:21:23 2015

Over the last 2 weeks, I had the tedious and frustrating task of dealing with eBay customer service regarding stolen original photos.

Multiple calls, multiple promises of action, yet somehow nothing was done and seller protection was not to be had.

On my SIXTH call, I requested to be transferred to the VERO department.  The agent said their call routing system was down and they were not able to transfer calls.  I was shocked when the agent provided me with a direct dial number so that I could call the department that handles VERO issues directly.

In my conversation with the VERO supervisor, she admitted that the department that handles listing takedowns is understaffed, overwhelmed and is unable to keep up with the amount of listing takedowns that come in on a daily basis.

When I asked why they do not have sufficient staff, the supervisor indicated that as far as management was concerned there was sufficient staff.  

In other words, they have a small handful of individuals addressing listing takedowns when they actually need a room full in order to get current and address takedowns on a timely basis.

In the corporate world of budgets and staffing, management that complains about being understaffed or unable to complete necessary tasks with staffing on hand, is quickly replaced by management that is content to simply plod along knowing and accepting that users are poorly served.

That, in a nutshell, explains eBay today.

Now... imagine how much worse things will get when eBay becomes a stand alone company with C level management concerned only with the continuation of their multi million dollar compensation packages.

by: LDS Brother

Tue Jan 20 14:02:51 2015

Donahoe's paycheck is not understaffed, $23,000,000

3,000 down and more to go

Donahoe and eBay killed our income, and they have no regard for the lower level employees, all they are about is $$$$$$ for themselves !

Self enrichment self enrichment self enrichment self enrichment self enrichment self enrichment self enrichment !!!!!

Donahoe too arrogant and non caring to realize Google is killing us ALL by not having us on the first page of people looking for items

Johnny got all he needs for his self, so that is all that matters to him

I expect Wenig not to be one bit different !

by: LDS Brother

Tue Jan 20 14:05:03 2015

And in some make believe fantasy world where Wenig would try to connect with small sellers, it will NEVER EVER happen without Google

So in the 1 in 1,000,000 chance Wenig tries to make eBay like it once was, it absolutely cannot and will never be until Google is promoting eBay again

by: ajeweler

Tue Jan 20 15:14:16 2015

I received the same one, in addition I have received another thru ebay messages with a full link to the uk sellers store,

are you kidding me, I cannot even place a hint of e mail address, in fact if I try to use the word mail in the messages I get a red flag stating it is against e bay policies to link outside contact info.
the message I received is a direct re direct to a private site to someone whom wishes to trade items
after calling ebay waiting almost two hours to ask them why I cannot do the same, I am told some countries permit this type of communication, and am told that it is a seller simply "reaching out to sell items" and is not against any policies and was permitted practice, however when I asked if I could the CSR stated that in the usa we are not allowed to do this due to ebay.com policies, I asked to speak with a supervisor, the reply was that e bay no longer tolerates, seller complaints and that if I continued to ask I would receive a violation MC999 "noise complaint" and I could have restrictions placed upon my account, has anyone heard of this MC999 noise complaint???

EBAY MEANS
EMPLOYEES BAND ANNIHILATE YOU !!    

by: LasVagueness

Tue Jan 20 15:57:51 2015

@Philip Cohen
@ebay refugee camp

Lol!!!

by: Gina

Tue Jan 20 19:22:59 2015

"I wonder what would happen if a fire broke out at an ebay office, would that be taken care of immediately or would it burn for hours"
Let it burn!  It's insured for more than its current stock price!   ;)

by: Gina

Tue Jan 20 19:29:19 2015

"I asked to speak with a supervisor, the reply was that e bay no longer tolerates, seller complaints and that if I continued to ask I would receive a violation MC999 "noise complaint" and I could have restrictions placed upon my account"
Holy F!!!!

by: Puck

Tue Jan 20 19:35:08 2015

''I expect Wenig not to be one bit different !''
The new guy will be the old guy²

by: Philip Cohen

Tue Jan 20 20:41:10 2015

aJeweler,
Well, what else would you expect; after all, you are sitting there, maybe for a couple of hours, tying up eBay's telephone lines; if they did not have all these nuisance calls all day they could cut off most of those phone lines and put some more money into Johnny Ho's pocket; too bad the shareholders are never going to get any cash ...

The reality is, Johnny Ho does not want to hear from you ...

The eBay executive suite—where the incompetent mingle with the disingenuous, the malevolent and the outright criminal, and the just plain stupid ... http://bit.ly/11F2eas

by: Volvo351

Tue Jan 20 21:04:26 2015

No surprise here. eBay routinely allows FEE EVADERS to cheat the system, to the detriment of honest sellers. Now, you'd figure JD would give a carp about being scammed, but you'd be dead wrong! His one-size-fits-all solution is simply an across-the-board FEE INCREASE.

by: gizmo

Tue Jan 20 21:33:18 2015

Anything out of the norm, gone. I'm sure glad I think before I do.
