AuctionBytes Blog
Covering auctions, collectibles and marketplace selling.

AuctionBytes Blog The AuctionBytes Blog has been giving a voice to online merchants since its launch in 2005. Named one of the world's top 30 blogs in 2008 by "Blogging Heroes." Weigh in with your thoughts on the joys and pitfalls of selling online.
Sun Nov 5 2006 22:26:31

eBay Buyers Lose in Phish Fight

By: Ina Steiner

Sponsored Link

eBay made a major concession to scammers last week when it announced its new "Safeguarding Member IDs" initiative last week. eBay will begin hiding the User IDs of bidders on listings with a high bid of $200 or greater on its U.S. Motors site. Sellers will be able to view all bidders' User IDs, but no other member will.

The Safeguarding Member IDs project is one of the most experience-changing policies on eBay to date. Bidders will not know whom they are bidding against, and they will be unable to look for signs of shill bidding. eBay said it may roll out the policy to early next year.

eBay's announcement shows how successful fraudsters have become - in this case, sending fake Second Chance Offer (SCO) emails to eBay bidders to lure them off the eBay website without them realizing it. SCOs are even more devious than other phishing emails because they are sent to people who have actually bid on the item in the fake SCO offer.

While the use of social engineering gives phishers an incredible advantage, it's hard to accept that more can't be done by large well-funded companies whose members are targets. This is an Internet-wide problem, and seems to be getting worse every year.

Toolbars and tutorials can help stop consumers from falling for phishing attacks, but they can't eliminate the problem altogether. Reduced transparency on eBay isn't likely to stop it either.

Comments (7) | Permalink

Readers Comments

eBay Buyers Lose in Phish Fight   eBay Buyers Lose in Phish Fight

by: firemeg

Mon Nov 6 04:45:08 2006

Wow, now the seller has almost free reign to scam and shill bid.  Once it gets past $200, the gloves are off.  How will eBay enforce the shill bidding scammers here?  - without the help of the "community" (aka the Gestapo) eBay will have to employ dozens (or more) of workers just to make sure shill bidding doesn't occur.  Unless, of course, they've written a computer program that will flag these shillers.  And if they have, the question is why can't they do more to prevent fraud, if they can write code to catch shill bidders under the new system.

eBay Buyers Lose in Phish Fight   eBay Buyers Lose in Phish Fight

by: Brian Snale

Mon Nov 6 06:50:54 2006

Since ebay is so rife with frauds and scams I'm suprised anyone still does any dealings on their at all. I've stopped both selling and buying there and moved to a site that takes these things seriously.

eBay Buyers Lose in Phish Fight   eBay Buyers Lose in Phish Fight

by: Helen

Mon Nov 6 07:35:54 2006

Damned if they do, damned if they don't. This initiative will help stop the SCO scams but at what price? More shill bidding? Less transparency (meaning less trust)?  

eBay Buyers Lose in Phish Fight   eBay Buyers Lose in Phish Fight

by: Frank Ross

Mon Nov 6 10:39:00 2006

That seems likes a desperate move.  As though they threw up their hands and couldn't come up with anything else.  I would agree that phishing is not an eBay problem, but a more global, web-wide problem. It seems like something the spam filter software vendors could go after.  In most cases for example, the ebay phish emails don't even have ebay in their reply-to address. It seems like it should be something spam filter vendors could work into their algorithms.  Anyway, eBay motors has long been a separate arm of eBay; this will make it seem even more separate.

eBay Buyers Lose in Phish Fight   eBay Buyers Lose in Phish Fight

by: Gail

Mon Nov 6 18:39:37 2006

If second chance offers are such a problem, eliminate them. SCOs were a ridiculous idea born of greed in the first place. Each new policy just takes eBay deeper into their own maze of briars and brambles. Every move creates another tear in the fabric of the 'eBay business model'. ~Community~Communication~Trust~ Slowly, but surely, eBay is destroying the foundation upon which its success was built.

eBay Buyers Lose in Phish Fight   eBay Buyers Lose in Phish Fight

by: Violette

Tue Nov 7 09:23:21 2006

What eBay should do is encrypt the user ids so that you'll still see the same identifier for each person (though it should be a different one for every auction), but it won't translate into anything that a scammer can use.  This way, too, you'll still be able to see the characteristics of shill bidding without exposing the actual user ids.    With its vast army of software developers, this is something eBay could do quite easily with a database and some encryption algorithms.

eBay Buyers Lose in Phish Fight   eBay Buyers Lose in Phish Fight

by: Peter

Sat Nov 11 03:38:57 2006

Not showing the bidder id, ebay is not an auction site anymore.

Login is required to post comments.
To sign in to leave a comment using your AB Verify User Name, fill in the form below. If you have not yet signed up for AB Verify, or if you'd like more information, go to the Registration Page

Login for AB Verify
Be sure and use your email address and password to log in.

 Forgot Your Password?
 Even though you are signed in with the AuctionBytes Blog, you will have to sign in to the EcommerceBytes blog. But you can sign in with your existing AB Verify info.