Ina Steiner EcommerceBytes Blog
News and insight focusing on ecommerce.
by Ina Steiner, Editor of EcommerceBytes.com
Wed July 30 2014 20:37:43

As eBay Defect Policy Nears, Beware Spoof Emails

By: Ina Steiner

Sponsored Link

Scammers are capitalizing on the anxiety many eBay sellers are experiencing over new policies including a new defect rate. Several eBay sellers forwarded spoof emails that appeared to be from eBay, warning them that they were losing their Top Rated Seller status under the new seller performance standards.

Sellers were initially tricked into thinking eBay had sent the messages, which included links to a spoof website.


Above: A screenshot of a "Grace Period" spoof email sent to an eBay seller.

eBay experienced a security breach earlier this year where cyber criminals hacked into a database containing names, addresses, email addresses, birth dates, and other sensitive information. eBay said it had no evidence that the scammers were able to crack the encrypted passwords or gain access to financial information of users.

But it means eBay buyers and sellers must be even more vigilant over spoof emails. While the "Grace Period" attack didn't contain users' names in the emails, any scammer with access to the hacked data could conceivably do so.

We asked eBay's Ryan Moore and Amanda Miller via email on Wednesday if they were aware of the Grace Period spoof and if they were doing anything to warn sellers. They did not respond.




Comments (18) | Leave Comment | Permalink

Readers Comments

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: iheartjacksparrow

Wed Jul 30 21:09:55 2014

"They did not respond." Typical eBay reaction.

All spoof e-mails I've ever received have obvious grammatical errors. eBay would not have spelled 'program' as 'programme.'

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: Philip Cohen
Web Site

Wed Jul 30 21:32:55 2014

It's only because you Yanks have long ago mangled the King's English that the English word "programme" is now more often spelt "program"; and is probably only an indication that the spoof originated from the U.K. ...

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: Ming the Merciless

Wed Jul 30 21:58:50 2014

Programme is the British spelling of program.

As one would expect from a criminal entity, the information hackers obtained (now being referred to by some analysts as a minor security breach) was far more extensive and potentially much more damaging to members than ebay has admitted.

Now the hackers or whomever they sold the information to is trying to current passwords.

Unless there is valid reason for withholding the extent of the hack, the law should require corporations to disclose ALL compromised data to all affected parties and make appropriate restitution.

Ebay's handling of The Hack once again demonstrates the complete absence of ethical corporate governance and utter disregard for the welfare of its members.

So typical of The Ho and his gang of sociopathic narcissists like Devin Wenig and Brian Burke.  

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: bitbybit

Wed Jul 30 22:21:33 2014

Received this spoof email but never click in through emails, especially ebays. There was nothing in my ebay dashboard or messages from ebay about the grace period. If in doubt, I always look in email properties and saw that this one came from an earthlink address. Seems most spoofs, IMO, are from earthlink.

I must admit this one almost got me..almost.. and I didn't notice the misspelling of programme. I did notice the spacing was off and no email user names. I also thought this grace email regarding Top Rated Sellers was off timing wise with the defect seller guillotine coming next month.

Not sure if this is related but I have been getting the last few months since the ebay hack a ton of scam and telemarketing phone calls. They are very slick in using local area codes and the local first 3-digits. Several calls identified in caller ID as a well known bank where I do business. I did call the bank and they know nothing of this. It is a local number and very close to their phone number except for the last 4 digits.

Ebay can deny, underplay and minimize the hack all they want but I think this is bigger than we ever thought and will continue to impact a lot of people for months and maybe even years.

 

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: Marie

Thu Jul 31 02:19:17 2014

We got spoof emails before the hack.  There is no evidence that this spoof is because of the hack.  Spoof emails didn't just suddenly start.

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

by: FREDDY This user has validated their user name.

Thu Jul 31 06:11:27 2014

They didn't suddenly start.
Just a MAJOR jump in the number of emails and calls.

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: Rexford

Thu Jul 31 06:20:21 2014

"There is no evidence that this spoof is because of the hack."

And there is also no evidence that it isn't because of the hack.

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: Rexford

Thu Jul 31 06:26:23 2014

Philip, on my quarterly trips to the UK I witness many Brits who also mangle the King's English. ;) No offence/offense meant to the Croydon chavs. LOL

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: Al G

Thu Jul 31 07:50:53 2014

Philip -
"only an indication that the spoof originated from the U.K. ... "?

By chance, could the spoof have come from the land of OZ as some of your countrymen are wont to call? *(^ ^)*

My guess is a non-Engrish (sic) talking country & their translation does not reflect proper US English, if there is proper English that is. But that is another forum.

Actually, once you lump in the Indians, British spelling rules!

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: Puck

Thu Jul 31 10:29:24 2014

''Not sure if this is related but I have been getting the last few months since the ebay hack a ton of scam and telemarketing phone calls.''

Ditto  

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

by: a_c_green This user has validated their user name.

Thu Jul 31 10:29:41 2014

''Programme'' is of course perfectly correct for UK users (and perhaps Canada & Australia also), but as someone with a US-based account, it would get my attention.

All that aside, there's no reason why scammers would need to limit their spam to only eBay seller account holders; they never have before. With a broad enough spew, they'll reach plenty of people purely at random who happen to have eBay accounts and sell occasionally, and even if only a few of those fall for the fake login, it'll make the scammers' effort worthwhile. There's no definite connection to be seen (or required) with that security breach of a few months ago; they're simply tying their latest fake warning message to eBay's latest newsworthy threat to sellers.

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: Ed Gadfly

Thu Jul 31 10:52:15 2014

Hackers, you need a proofreader.

I was fooled. I see that pixel badge and it instantly inspires confidence and trust.

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

by: RichieC This user has validated their user name.

Thu Jul 31 11:02:49 2014

"The basic difference is between different languages:

   American English always uses program
   British English uses programme unless referring to computers
   Australian English recommends program for official usage, but programme is still in common use.

The word “program” was predominant in the UK until the 19th century, when the spelling “programme” became more common — largely as a result of influence from French, which has the same word “programme”."

So much for the kings English, seems the French already got to you!

P.s.  You should visit the deep south, (USA), you'll see a mangled American English!

From a Yank,

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

by: RichieC This user has validated their user name.

Thu Jul 31 11:04:34 2014

The simplest way to ensure the email is from eBay, is simply to see if it is in your message box on eBay!

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: Marie

Thu Jul 31 11:46:39 2014

@Freddy & Rexford

Yes, it absolutely could be because of the hack.  I was more responding to Ming which made it appear that it was a foregone conclusion it was from the hack.

For me, I've had fewer spoof emails and not phone calls at all since the hack.  I respect that others have been having a different experience.

This particular email is the first one I've received in a couple months or more.  Last year, for me it was almost a weekly occurrence.  

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

by: comet This user has validated their user name.

Thu Jul 31 13:50:20 2014

Dang----I am beginning to feel left out.  First NO Survey and now NO spoof email.

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: eBoy

Fri Aug 1 01:53:59 2014

I always check my eBay message inbox to confirm ALL "eBay" emails. That's 100% effective.

Perminate Link for As eBay Defect Policy Nears, Beware Spoof Emails   As eBay Defect Policy Nears, Beware Spoof Emails

This user has validated their user name. by: iBuyers

Fri Aug 1 09:03:14 2014

Defect Fallacies
1-We spend more time than ever on the phone with CS wasting their time and ours removing defect strikes. Usually an hour a day.
2-Guest users cannot use the managed return center to return an item for any reason and PayPal prompts a user to open a PC which is a auto defect strike against a seller. Further eBay cannot remove a defect strike caused by a PayPal case.
3-By counting opened cases against a seller as a defect strike, you are potentially removing the motivation for a seller to truly help a buyer since a strike has already been issued so "why should I help the buyer, I already got a strike!" If the case didn't count for a defect strike unless escalated or not resolved by seller, the seller would be motivated!
4-counting various returns as a defect strike through the return center is promoting sellers to handle returns outside of eBay and also prompting communication outside of eBay. Exactly what eBay does NOT want to happen
5- A new online marketplace is watching this lunatic and not planned out faulty defect rate that is wasting good sellers efforts and costing TRS $ by dropping (as my account did), from pristine to below standard at one point. The new marketplace is soliciting good sellers through 3rd party auction sites exemplifying this sort of inefficiency will not be needed on their site. The new marketplace is funded by a global company, and has a net worth of 5X the value of eBay (60Billion Compared to 200Billion) and will be very fierce competition as they start drawing the good sellers if this defect rate is not properly addressed.
6. eBay correct this lunacy before it is too late.



Login is required to post comments.
To sign in to leave a comment using your AB Verify User Name, fill in the form below. If you have not yet signed up for AB Verify, or if you'd like more information, go to the Registration Page
.

Login for AB Verify
Be sure and use your email address and password to log in.

 
Email:
Password:
 
 Forgot Your Password?
 Even though you are signed in with the AuctionBytes Blog, you will have to sign in to the EcommerceBytes blog. But you can sign in with your existing AB Verify info.