|Mon Jan 19 2015 22:37:41|
Another eBay Redirect Attack Leaves Sellers Vulnerable
By: Ina Steiner
Today, an eBay user sent us a link to an eBay product listing page that was infected with a malicious embed. The listing was brought to his attention when a supposed buyer emailed him asking him to relist the item, even though it was not his listing.
"Searching for this item on ebay will redirect you to an ebay lookalike site requesting your password," he said.
We searched eBay.com for the item number and clicked through to the listing. After a few seconds (enough time to grab a screenshot of the listing), our anti-virus software popped up showing that the page was trying to redirect us to a German website and warning that it was a phishing website.
The reader said the listing had been active all day, and that eBay had been contacted about it hours before, yet the infected listing remained live on the site.
If you receive an email asking you to relist an item and pointing to a listing that is not your own, beware!