EcommerceBytes Letters to the Editor Letters to the Editor
Your emails to EcommerceBytes
For consideration, send your email to ina@auctionbytes.com with "Letters to the Editor Blog" in the subject line! Remember to include your name as you would like it to appear in the blog.
Mon Apr 16 2018 11:34:20

Buyer Says Scammers Use eBay Listings as Bait

By: Reader

Sponsored Link

Note from the Editor: We do not advocate visiting the site referenced in this letter. (The domain is registered using the address of the Intel Museum.) Also note the site was reported on the eBay boards in November.

Dear Ina,
Here is a new internet scam I just came across. They got me! Site is wellclosets.top

They appear to have taken eBay listings and put them on their site with impossibly low prices. I bought one, paid with a debit card and a few minutes later had an email from the bank about fraudulent charges. 

There were two charges attempted from China, one successfully, one declined. Probably within minutes, or seconds, of when I submitted my info. At least some of their ads are directly from eBay.

They get the payment info, then use it elsewhere. No charges have appeared from Wellclosets.top. 

Take a look at their site, they even have a category for eBay Motors listed! I reported it to eBay, also my bank. We will see what happens.
Bruce



Comments (8) | Permalink

Readers Comments

Perminate Link for Buyer Says Scammers Use eBay Listings as Bait   Buyer Says Scammers Use eBay Listings as Bait

by: FeelingFroggy This user has validated their user name.

Mon Apr 16 12:27:50 2018

Fleabag doesn't care. Its all about the money.

Perminate Link for Buyer Says Scammers Use eBay Listings as Bait   Buyer Says Scammers Use eBay Listings as Bait

This user has validated their user name. by: FidoMaster

Mon Apr 16 15:22:11 2018

There are red flags on the site that individually might raise an eyebrow, but collectively shout, “RUN AWAY!”  No super cyber-sleuthing skills needed, just look out for stuff like this:

1. WEIRD TOP-LEVEL DOMAIN.  How many sites that you’ve done biz with previously (or have even heard of) use a .top domain?
2. BROKEN ENGLISH.  If you see a lot of poorly written copy on a site that presents itself as being US-based beware.
3. MULTIPLE LANGUAGES IN SAME SECTIONS: The category drop down looks like a mix of both English and German.  The Mandarin speaking hackers probably aren’t able to easily identify the differences from the content they’ve scraped.
4. ODDBALL CHARACTERISTICS: The alphabetically sorted category dropdown also ends at “B” which makes no sense.  This is probably a truncated scrape that the hacker dropped into the store template that only allowed ~15 items.
5. MISSING IMAGES: Depending on when you refresh, many of the listings on the main page (which says “TOP VIEWED STORES” when they clearly are items) are showing placeholder blank photo filler.
6. NON-WORKING SOCIAL LINKS: None of the Twitter, Facebook, Instagram, and Pinterest links actually link to the site’s branded social accounts, they all point to the top-level domain for each social network.
7. EMAIL SIGN-UP: “SUBSCRIBE TO MODODOC NEWS” Mododoc news?  I thought I was on Wellclosets.top?  Opps. Add this one to #4
8. NO CONTACT INFO: In addition to the social accounts not having any info, there’s virtually nothing anywhere on the site with contact info (only a “contact us” form field). No phone number, no mailing address (not even a fake one like the Intel addy they used in their domain registration),  no email address.  Nothing.  This is a significant red flag.
9. TOO GOOD TO BE TRUE: If the prices are, this should of course serve as a first alert.  If you decide to take a risk, use a credit card and not a debit card.  If you carry an Amex, use that.

There are plenty of outside resources available to check out the legitimacy of a site, but by familiarizing oneself with some of these common idiosyncrasies of scam sites like this one can be helpful.

Perminate Link for Buyer Says Scammers Use eBay Listings as Bait   Buyer Says Scammers Use eBay Listings as Bait

by: yesmikan This user has validated their user name.

Tue Apr 17 18:59:06 2018

I stumbled on this site via a Google Search a few months back and decided that the prices were way too good to be true. Guess I was right.

Perminate Link for Buyer Says Scammers Use eBay Listings as Bait   Buyer Says Scammers Use eBay Listings as Bait

by: Snapped This user has validated their user name.

Tue Apr 17 20:18:06 2018

That's a nice post Fido, very informed and helpful.  

When coupled to the op's posted experience though, it raises a troubling question...

So....if you know all that and can act, and now WE know all that and can act too (thanks), and now while even the self-proclaimed innovators of disruptiveness at eBay can't deny an ability to know all that as well, yet still DON'T act...macrospherically...

...especially since 'concerns' for the 'hordes' of sellers who might perpetrate this exact kind of scam have founded justification for every handcuffing policy 'protecting' buyers, and as parchment cloak to to eMirandize every seller before their virtual predetermined sentencing on much less 'evidence' - so that 'attention paid' can be checkmarked.....

What possible explanation besides either incompetence or willful hypocrisy, each  effectively endorsing this wanton thievery, might apply?

Perminate Link for Buyer Says Scammers Use eBay Listings as Bait   Buyer Says Scammers Use eBay Listings as Bait

This user has validated their user name. by: FidoMaster

Wed Apr 18 01:03:54 2018

@Snapped, that’s a great question, and one of the many I only wish eBay institutional investors and analysts, shareholders, CxO’s, and the BoD were asking.

I’m not sure if it’s incompetence or ignorance (perhaps a bit of both), though this isn’t the first time eBay has taken flack for a ''lackadaisical'' response to a security issue.

Someone should suggest to Wenig he call in his global security director (and every upline report between that position and Wenig) to evaluate, make recommendations, and action this situation ASAP.

If you are an eBay employee or contractor reading this, don’t allow the negligence to persist by not escalating this issue. Please forward a link to this article to the person(s) that can most effectively do something about it.

If these sites are still up by the time the month of May rolls around, we can safely rule out ignorance and check the incompetence box.

There is no excuse for scammer(s) scraping eBay and propping up fraudulent ecommerce sites in order to collect credit-card data from consumers to be allowed to operate for months, let alone after a seller customer specifically reported it in company forums.  

This type of fraudulent activity should be proactively managed by the organization well in advance of consumers being defrauded, and there exist countless brand management and security solutions that do this type of thing.

That said, eBay apparently isn’t concerned with these types of issues unless it results in a direct site exploit. Both “Social Engineering/Phishing” and “Content spoofing” are both explicitly named in eBay’s site security reporting EXCULSION list, clear messaging eBay doesn’t view this type of activity as a “real” problem.

Dumb move eBay.  You should be concerned, here’s why: every fraudulent “transaction” that occurs on a fake site built on scraped eBay listings has directly cannibalized an actual transaction from eBay.

Every time a buyer gets scammed into making a purchase from wellclosets.top, latestkicks.top, pivotdirects.top, specialreachs.top, specialcabinets.top, placeoutfits.top, starcharms.top, goanys.top, plusmys.top and who knows how many dozens of other additional scam sites built on the same eBay scraped template, has directly cannibalized eBay’s income and GMV!

Scam pricing bait aside, clearly these transactions would have/ should have taken place on eBay.

Allowing these scam sites to proliferate and thrive for months creates a lot of loosers -- shareholders loose, sellers (whose listings were scraped) loose, and of course the buyers and consumers loose.

Side Note – Any readers that run a marketplace (that isn't eBay), I would be happy to provide a referral and introduction to a truly world class (and well known /published) expert security consultant (I’m no technical expert) who was very helpful to me a few years ago after a major competitor breach at a top-20 traffic US site fidomasteratprotonmaildotcom.

$EBAY #eBay #eCommerce #fraud #ecommercefraud #business #ecommercesecurity #security

Perminate Link for Buyer Says Scammers Use eBay Listings as Bait   Buyer Says Scammers Use eBay Listings as Bait

This user has validated their user name. by: Bill

Wed Apr 18 23:46:27 2018

By allowing this to proliferate they are driving more and more buyers away from eBay and they themselves can not afford to do this period!

Perminate Link for Buyer Says Scammers Use eBay Listings as Bait   Buyer Says Scammers Use eBay Listings as Bait

This user has validated their user name. by: FidoMaster

Sun Apr 29 11:06:38 2018

Based on (lack of) results, eBay is indifferent and does not see this as their problem to deal with.

#EBAY SCRAPED LISTINGS SCAM SITES UPDATE:
- Days Passed: 13
- Scam eBay sites taken down: ZERO
- Scam eBay sites remaining: 12+

ATTENTION:
Devin Wenig: President & CEO
Scott Cutler: SVP, Americas
Steve Fisher: SVP, Chief Technology Officer
Jim Baugh - Sr. Director, Global Security

Perminate Link for Buyer Says Scammers Use eBay Listings as Bait   Buyer Says Scammers Use eBay Listings as Bait

This user has validated their user name. by: FidoMaster

Sat May 12 22:10:28 2018

#EBAY SCRAPED LISTINGS SCAM SITES UPDATE:
- Days Passed since reported to ECB: 58
- Days Passed since reported to eBay Community: 166
- Scam eBay sites taken down: ZERO
- Scam eBay sites remaining: MANY

Is it time to check the 'INCOMPETENCE'' box?

Based on eBay's lack of any results in getting any of these sites shut down, eBay clearly does not view the scraping and reposting of sellers' spoofed eBay-listing on a scammer website collecting buyer credit card information as a problem for them to worry about or deal with.

ATTENTION:
Devin Wenig: President & CEO
Scott Cutler: SVP, Americas
Steve Fisher: SVP, Chief Technology Officer
Jim Baugh - Sr. Director, Global Security

Any interested party - I can be contacted at [ThisUserName]atprotonmaildotcom



Login is required to post comments.
To sign in to leave a comment using your AB Verify User Name, fill in the form below. If you have not yet signed up for AB Verify, or if you'd like more information, go to the Registration Page
.

Login for AB Verify
Be sure and use your email address and password to log in.

 
Email:
Password:
 
 Forgot Your Password?
 Even though you are signed in with the AuctionBytes Blog, you will have to sign in to the EcommerceBytes blog. But you can sign in with your existing AB Verify info.