Ina Steiner EcommerceBytes Blog
News and insight focusing on ecommerce.
by Ina Steiner, Editor of EcommerceBytes.com
Thu May 10 2012 15:53:55

eBay Accuses EcommerceBytes of Fraud then Retracts

By: David Steiner

Sponsored Link

NTT, our hosting provider has informed us that a member of eBay's Trust & Safety team has reported EcommerceBytes for phishing, saying a blog post we wrote about changes to eBay's buyer protection program was an attempt to commit fraud.

Our web hosting company forwarded the letter it received signed by Don Riggins, eBay Inc. Audit and Investigations, in which he wrote

Dear NTT America, Inc.,
We have just learned that your service is being used to display false or "spoofed" eBay.com pages, apparently in an effort to steal personal and financial information from consumers, including eBay users, in order to defraud them. Specifically, it appears that a NTT America, Inc. user is sending unsolicited messages to consumers, misrepresenting itself as eBay, and making statements that encourage the recipient to go to a page hosted by you at

198.64.133.73 - http://blog.ecommercebytes.com/cgi-bin/blog/blog.pl?/pl/2012/4/1333331894.html

ecommercebytes.com

to enter personal and account information. The deceptively gathered information is then sent to an email account and, based on our investigation of similar schemes, used to gain access to consumersâ?T personal accounts in order to commit fraudulent acts such as international credit card and wire fraud.

This matter is urgent - we believe that consumers have been falsely directed to this page and may be deceived into divulging personal information to a criminal if the page is not immediately disabled. We ask that you immediately disable the site at http://blog.ecommercebytes.com/cgi-bin/blog/blog.pl?/pl/2012/4/1333331894.html as well as any associated email addresses, so that this fraudulent scheme can be stopped. We further request that you provide us with all contact information that you have for this user so that we may provide it to the proper law enforcement authorities.

We would also like to ask for you to assist us in educating consumers about phishing and how to protect themselves. To that end, we have set up an educational page at https://signin.ebay.com/ws/eBayISAPI.dll?AntiPhishingRedirector&purl=http://blog.ecommercebytes.com/cgi-bin/blog/blog.pl?/pl/2012/4/1333331894.html to help prevent consumers from being victimized by phishing sites. We would greatly appreciate it, and think it would be enormously beneficial, if you would set up a redirect from the taken down fraudulent address to the educational page we have created, as default error messages such as "404 Not Found" donâ?Tt educate the public about the dangers of phishing and fraud on the Internet.

We sincerely appreciate your immediate attention to this important matter. We would also appreciate if you would take steps to confirm the accuracy of any contact information that your user may have provided to you in establishing the account. Should you have any accurate information that could assist eBay and law enforcement in tracking this individual, we greatly appreciate your assistance, as we know that you do not condone the use of your services for such criminal purposes.
Thank you,

eBay Inc.
Trust & Safety

Don Riggins
eBay Inc.
Audit and Investigations
driggins@ebay.com
securityalerts@ebay.com
For more information on spoofing and password phishing, please see http://pages.ebay.com/education/spooftutorial/

The EcommerceBytes blog post Riggins reported in his phishing complaint was written by Ina in which she reported on seller concerns over changes to the eBay Buyer Protection Policy that allow eBay to issue partial refunds to buyers without requiring them to return the item to the seller - "eBay Buyer Protection Changes Include Partial Refunds, Returns."

If Mr. Riggins had visited the link he reported and was concerned about, he would see there is no place for visitors to enter their personal information. When a user chooses to leave a comment on the blog post, all we require is a working email address.
 
According to Don Riggins' LinkedIn profile, he has been a Fraud Analyst at eBay for over 6 years and claims to have uncovered malicious-bidding fraud as well as affiliate fraud that saved the company $1.6 million.

We've written to Mr. Riggins demanding he retract his report, and copied eBay's communications team to let them know we'd be writing about this incident, as well as leaving a voice message on John Pluhowski's (VP of Corporate Communications) cell phone this morning. As of 1:25pm ET, we have received one response from Johnna Hoff, stating, "Ina and David - thank you for bringing this to our attention. I'm working to right this and will be in touch."

At 3:14 pm, we received a second email from our web hosting company NTT America in which it forwarded a retraction from eBay:

Dear NTT America, Inc.,
It has come to our attention that a recent report made by us to your company regarding a fishing site was made in error and that the site is not host any pages that are being used to gain customer information. We do appreciate your working with us on this issue and regret any inconvenience that this situation has caused. The site in question is:

198.64.133.73 -
http://blog.ecommercebytes.com/cgi-bin/blog/blog.pl?/pl/2012/4/1333331894.html

ecommercebytes.com<http://ecommercebytes.com>

Please do not take action on that page or site since they are not hosting any suspicious information.

Russell R Langner
eBay Trust and Safety

We would be interested in Mr. Riggins' reasoning behind sending a takedown notice to our hosting company, since the page is clearly a blog post that has existed on our site since 4/1/12 and nowhere on the page does it, as Mr Riggins states, "steal personal and financial information from consumers, including eBay users."

We've yet to hear from eBay on how this mistake occurred, and I empathize with sellers whose accounts are mistakenly reported and don't have access to the channels we have.

Comments (52) | Leave Comment | Permalink
Readers Comments

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

by: Quicksilver Messenger This user has validated their user name.
Web Site

Mon May 14 10:55:07 2012

Ina,

You must be hitting a nerve or two with the eBay powers that be. Looks as though they are trying to employ a strong-arm tactic.

Keep up the good work!

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

by: Dazzle This user has validated their user name.

Mon May 14 11:18:13 2012

Unbelieveable isn't it - annie and ming are certainly on the right path.

Pretty sure they don't like the "stand your Ground" approach
to all their new money grabbing policy's

Again - what's 20% of -0-? Answer -0-

If your currently getting no sales from feebay what do you have to lose? Answer -0-

Ebay's got it all backwards - put us back in the chips and we might be more willing to go along with all the new insane money grabbing rules. Give us nothing - prostitute our listings with money grabbing ads - hold our money illegally for 6 months - demand demand demand really gets them -0- in the long run. Don't they remember the Tea Party and Revolution? We're Americans you dunderheads - and we're capitolists too not just you. There's lots of other sites to list on.

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

This user has validated their user name. by: Doc
Web Site

Mon May 14 11:34:05 2012

And this hit on a Friday. eBay was probably hoping the host would shut the site down late Friday afternoon, and hoped it would be down the whole weekend.

They do play dirty!

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

This user has validated their user name. by: thehosst
Web Site

Mon May 14 12:22:13 2012

Ina, this has to be taken serious, I will involve a lawyer for any future issues or attempts, this shows as powerful your site is and how useful for millions it is as well, saying that, you can also see  that we all support you and that is why we come here. This is not about the buyer protection Ina, it is about the traffic redirection post, that is really a huge issue for eBay, they are committing fraud because they don't disclose traffic redirection in seller agreements, that is a big deal for sales and must be mentioned, I would like to see more feedback and update in the traffic redirection. Thank you

Jenn

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

This user has validated their user name. by: Doc
Web Site

Mon May 14 12:44:56 2012

eBay always want's to control the message. Unfortunately they can't control the message here.

I'd be ready for round two. You can bet they are stomping their feet throwing a temper tantrum.

David, I'd advise you to do a complete FTP download of your site content, and export all the databases to local disk. On top of what you normally do to back up the site.

I hope this is not what comes next.
http://www.ebaymotorssucks.com/ddos-attack-information/

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

by: omg This user has validated their user name.

Mon May 14 13:05:29 2012

This could only be better if they apologized for calling this a "fishing" site as shown in the retraction- why do people continue to support these fools?

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

by: comet This user has validated their user name.

Mon May 14 15:53:00 2012

If this wasn't so serious I would be laughing my fool head off.  

I am presuming that since it is now Monday PM even in CA they are NOT going to respond with anything else.

The Emperor Has NO Clothes

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

This user has validated their user name. by: Ming the Merciless

Mon May 14 15:53:52 2012

Ebafia has quite an arsenal when it comes to controlling the message.

They hire internet "reputation defenders" companies like LieWorld whose job it is to:

1. Manipulate internet 'conversations' and comments in directions favorable to ebay. They use a variety of classic college debate techniques to accomplish this goal. Anyone with a debate or law background will recognize them -- some techniques are reasonably sophisticated while others are obvious to a third grader.

2. Make unfavorable net wide news stories, blogs, letters to the editor, negative reviews disappear from the search engines.

3. Plant favorable information I(accuracy matters not) in strategic locations.

Here's a sample of what one of these companies says it can get removed or throttled for a business:

•Unfair news articles
•Disparaging blog posts
•Exaggerated reviews
•Hostile forum comments
•Outdated legal issues
•Blatant smear campaigns

Scary, isn't it, that criminal enterprises like ebafia can actually effectively censor the internet?

Note that every single qualifier adjective in the bulleted phrases above is highly subjective and would allow for anything John Donahood and his gangbangers don't like to magically disappear.

Further, since we know for a fact that ebay contracts with LieWorld to "socially engineer" forum discussions and presumably any discussion anywhere on the internet, check out what LieWorld claims it can and probably does do in view of what happened to the Steiners last Friday:

www.liveworld.com

Ebafia is a blatantly criminal criminal organization that behaves nearly exactly like the Mafia/Cosa Nostra except that The Godfather Ho exterminates small businesses instead of people (let's hope that's the case anyway).

As for ECB, this is where the rubber meets the road.

If this egregious incident slides by without serious consequences for ebay, their conduct will only worsen.

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

This user has validated their user name. by: David Steiner

Mon May 14 21:51:38 2012

Just updating the latest on this issue. eBay did get back to us on Friday and we published another story here:

http://www.auctionbytes.com/cab/abn/y12/m05/i11/s01
R>For
those who may not have read the article, Ms. Hoff wrote:

"In the course of normal monitoring, a combination of keywords on an eCommerceBytes blog post was flagged for its similarity to potentially fraudulent references unrelated to eCommerceBytes. As a result, eBay employee access to the site was temporarily blocked. Access has been restored. eBay respects eCommerceBytes and apologizes for any inconvenience."

Don Riggins also replied to us with the following email:

"Hey,

I was out of the office until approximately 10 minutes ago and my understanding is the problem has been resolved.  If anyone needs contacted about this issue feel free to let me know.

Apologize about the confusion in this matter."

According to a subsequent email from Ms. Hoff, eBay only sent the notification to our web host, NTT. The blocks appear to have been lifted on the anti-phishing sites that we've monitored.

David Steiner

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

This user has validated their user name. by: Ming the Merciless

Tue May 15 20:29:48 2012

Thanks for the update, David.

I understand why ECB has apparently decided to drop the matter. I hope the next time -- and there will be a next time -- you won't.

Riggins' apology was clumsy and amateurish -- hardly what one would expect from a corporation of ebay's size. But the apology accurately reflected his lack of professionalism just as his precipitating action did.

What used auto parts store do these guys come from, anyway?

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

by: Ebay_roadkill This user has validated their user name.

Wed May 16 03:48:02 2012

eBay's just testing out the new CISPA law to see how far they can get.

Perminate Link for eBay Accuses EcommerceBytes of Fraud then Retracts   eBay Accuses EcommerceBytes of Fraud then Retracts

by: Winkle Me Evilbay This user has validated their user name.

Mon May 21 12:36:37 2012

Must be the same T&E employee that vetted Edropoff regarding shill bidding.

The 'fraud specialists' at Ebay (those that remain) have no formal training in fraud detection.  They are just employees that by luck (?) wound up in T&S and are given scripts of what to look for.  Most don't know about tracing IPs, how to analyze data on their own or even how to write in proper english without grammatical and spelling mistakes.

They are low level employees that are not paid much and no job security since fraud detection is as important to Ebay as seller advocacy - based on their history of actions and doublespeak.  For further anecdotal evidence please see any "Griff" thread on the Ebay boards.


And since he was mentioned above by Ming above, remember Vlad?  Well Ebay didn't quite get what they wanted there.  They were unable to push the Romanian authorities and judicial system around and their 'evidence' proved to be very weak.   Vlad should be out of jail by now.    Somehow I don't think we've heard the last from him.

Click to view more comments
1 2 3 


Login is required to post comments.
To sign in to leave a comment, fill in the form below. If you have not yet signed up for AB Verify, or if you'd like more information, go to the Registration Page
.

Login for AB Verify
Be sure and use your email address and password to log in.

 
Email:
Password:
 
 Forgot Your Password?
 Even though you are signed in with the AuctionBytes Blog, you will have to sign in to the EcommerceBytes blog. But you can sign in with your existing AB Verify info.