|Thu May 10 2012 15:53:55|
eBay Accuses EcommerceBytes of Fraud then Retracts
By: David Steiner
NTT, our hosting provider has informed us that a member of eBay's Trust & Safety team has reported EcommerceBytes for phishing, saying a blog post we wrote about changes to eBay's buyer protection program was an attempt to commit fraud.
Our web hosting company forwarded the letter it received signed by Don Riggins, eBay Inc. Audit and Investigations, in which he wrote
Dear NTT America, Inc.,
We have just learned that your service is being used to display false or "spoofed" eBay.com pages, apparently in an effort to steal personal and financial information from consumers, including eBay users, in order to defraud them. Specifically, it appears that a NTT America, Inc. user is sending unsolicited messages to consumers, misrepresenting itself as eBay, and making statements that encourage the recipient to go to a page hosted by you at
184.108.40.206 - http://blog.ecommercebytes.com/cgi-bin/blog/blog.pl?/pl/2012/4/1333331894.html
to enter personal and account information. The deceptively gathered information is then sent to an email account and, based on our investigation of similar schemes, used to gain access to consumersâ?T personal accounts in order to commit fraudulent acts such as international credit card and wire fraud.
This matter is urgent - we believe that consumers have been falsely directed to this page and may be deceived into divulging personal information to a criminal if the page is not immediately disabled. We ask that you immediately disable the site at http://blog.ecommercebytes.com/cgi-bin/blog/blog.pl?/pl/2012/4/1333331894.html as well as any associated email addresses, so that this fraudulent scheme can be stopped. We further request that you provide us with all contact information that you have for this user so that we may provide it to the proper law enforcement authorities.
We would also like to ask for you to assist us in educating consumers about phishing and how to protect themselves. To that end, we have set up an educational page at https://signin.ebay.com/ws/eBayISAPI.dll?AntiPhishingRedirector&purl=http://blog.ecommercebytes.com/cgi-bin/blog/blog.pl?/pl/2012/4/1333331894.html to help prevent consumers from being victimized by phishing sites. We would greatly appreciate it, and think it would be enormously beneficial, if you would set up a redirect from the taken down fraudulent address to the educational page we have created, as default error messages such as "404 Not Found" donâ?Tt educate the public about the dangers of phishing and fraud on the Internet.
We sincerely appreciate your immediate attention to this important matter. We would also appreciate if you would take steps to confirm the accuracy of any contact information that your user may have provided to you in establishing the account. Should you have any accurate information that could assist eBay and law enforcement in tracking this individual, we greatly appreciate your assistance, as we know that you do not condone the use of your services for such criminal purposes.
Trust & Safety
Audit and Investigations
For more information on spoofing and password phishing, please see http://pages.ebay.com/education/spooftutorial/
The EcommerceBytes blog post Riggins reported in his phishing complaint was written by Ina in which she reported on seller concerns over changes to the eBay Buyer Protection Policy that allow eBay to issue partial refunds to buyers without requiring them to return the item to the seller - "eBay Buyer Protection Changes Include Partial Refunds, Returns."
If Mr. Riggins had visited the link he reported and was concerned about, he would see there is no place for visitors to enter their personal information. When a user chooses to leave a comment on the blog post, all we require is a working email address.
According to Don Riggins' LinkedIn profile, he has been a Fraud Analyst at eBay for over 6 years and claims to have uncovered malicious-bidding fraud as well as affiliate fraud that saved the company $1.6 million.
We've written to Mr. Riggins demanding he retract his report, and copied eBay's communications team to let them know we'd be writing about this incident, as well as leaving a voice message on John Pluhowski's (VP of Corporate Communications) cell phone this morning. As of 1:25pm ET, we have received one response from Johnna Hoff, stating, "Ina and David - thank you for bringing this to our attention. I'm working to right this and will be in touch."
At 3:14 pm, we received a second email from our web hosting company NTT America in which it forwarded a retraction from eBay:
Dear NTT America, Inc.,
It has come to our attention that a recent report made by us to your company regarding a fishing site was made in error and that the site is not host any pages that are being used to gain customer information. We do appreciate your working with us on this issue and regret any inconvenience that this situation has caused. The site in question is:
Please do not take action on that page or site since they are not hosting any suspicious information.
Russell R Langner
eBay Trust and Safety
We would be interested in Mr. Riggins' reasoning behind sending a takedown notice to our hosting company, since the page is clearly a blog post that has existed on our site since 4/1/12 and nowhere on the page does it, as Mr Riggins states, "steal personal and financial information from consumers, including eBay users."
We've yet to hear from eBay on how this mistake occurred, and I empathize with sellers whose accounts are mistakenly reported and don't have access to the channels we have.