Ebay identity stolen again!

Discussion in 'Archived Threads 2001-2004' started by Patrick Sun, Oct 2, 2002.

  1. Patrick Sun

    Patrick Sun Moderator
    Moderator

    Joined:
    Jun 30, 1999
    Messages:
    38,722
    Likes Received:
    463
    Somehow, someone has used my Ebay identity to fradulently list another 2 laptops for sale once again. I just happened to check Ebay the other day and noticed that I got my 1st negative feedback, and it was for non-response to a "completed" auction, and that's when I learned that someone used my Ebay account to post the bogus auctions.

    The weird thing is that I never got the 6 emails this person claims he sent my way, and Ebay never alerted me to anyone changing the Ebay email address that's associated with my Ebay account. So this person just slapped me with negative feedback.

    I don't know how my Ebay account keeps getting hacked, and the crook did so exactly one month from the first time he hacked my account (Ebay did help me out in that debacle). I don't know if Ebay will be as helpful this second time around, but I did report this incident as well (plus, requesting the removal of the $88+ in listing fees that the
    2 laptops accrued by being listed and bidded on in those fraudulent auctions).

    After the first time, I changed my passwords, and did what I could to protect myself. The saving grace is that I did not update my credit card information (the card had expired), so they can't ding me automatically for the listing fees.

    I'm really tempted to just start over and retire my old Ebay account and say goodbye to my feedback history.
     
  2. Ryan Wright

    Ryan Wright Screenwriter

    Joined:
    Jul 30, 2000
    Messages:
    1,875
    Likes Received:
    0
    Patrick,
    If you changed your passwords, then this is eBay's problem. Unless you're using easy to guess passwords, this points heavily toward a flaw in eBay's systems that they need to fix.
    Please let us know what happens, especially as it relates to the negative feedback. eBay has an obligation to remove that. Unfortunately, from what I've heard, they'll probably tell you to piss off. [​IMG]
    Someone should start a better auction site. There are so many flaws in eBay's system - mainly procedural/administrative - that could be easily fixed in order to create a better, smarter site. Only problem is getting enough people to use it so you can break even on your costs, and perhaps eventually make a profit.
    -Ryan
     
  3. Kevin P

    Kevin P Screenwriter

    Joined:
    Jan 18, 1999
    Messages:
    1,439
    Likes Received:
    0
    If your password was compromised twice, I'd check and see if you have some sort of backdoor Trojan on your machine that is sending your keystrokes or passwords to some hacker somewhere. It seems too odd that your account would be hacked twice.
    If your computer has been infected with a virus, it could open a backdoor as well. Some viruses that do this include Weird, Badtrans, and the new Bugbear that's going around now.
    And I second using a difficult to guess password. Dang, I should change mine. [​IMG]
     
  4. MikeAlletto

    MikeAlletto Cinematographer

    Joined:
    Mar 11, 2000
    Messages:
    2,369
    Likes Received:
    0
    Patrick you do know that '1234' is not a good password...right?
    [​IMG]
     
  5. Peter Kim

    Peter Kim Screenwriter

    Joined:
    Jun 18, 2001
    Messages:
    1,577
    Likes Received:
    0
    Yeah, Patrick. Given that you've been victimized twice within a relatively short amount of time, I'd look within your own system to determine if there have been any compromised vulnerabilities. I've had my account for over 3 years and have never had problems - I'm sure my situation is the rule and yours is the exception.

    If eBay cannot provide any answers, and you cannot diagnose any breach on your end, I'd start over with a new account.
     
  6. Malcolm R

    Malcolm R Executive Producer

    Joined:
    Feb 8, 2002
    Messages:
    13,087
    Likes Received:
    769
    Real Name:
    Malcolm
    I got an odd email from Ebay a couple weeks ago:
    Don't have any idea what it was about. Either someone tried to log in using my username and after a certain amount of failed attempts, it sent this "forget your password?" email to me, or someone was trying to use my log-in by mistake, didn't realize they had the username wrong, and clicked on the "please send password" option since they thought they'd forgotten their password.
    What creeps me out is the "If you did not forget your password, please ignore this email" statement. Does the Ebay system just send random email occasionally, necessitating such a statement? Very strange.
     
  7. Patrick Sun

    Patrick Sun Moderator
    Moderator

    Joined:
    Jun 30, 1999
    Messages:
    38,722
    Likes Received:
    463
    Malcolm, if I were you, I'd go and check my Ebay account for suspicion new auction listings and if they went to completion.

    I use Norton, and it does a daily check for viruses, and it has never found one yet, and I did the Live Updates to get the most current virus definitions.

    The only thing that I can think of is maybe some PTP software I have running in the background might allow some people to hack into my system and sneak a peek at my new passwords. I really don't know, though.
     
  8. PatrickM

    PatrickM Screenwriter

    Joined:
    Aug 10, 2000
    Messages:
    1,138
    Likes Received:
    0
    Patrick,
    Have you gone to http://www.lavasoftusa.com/ and downloaded and run Ad-Aware? It works quite well in removing spy-ware type software.
    Patrick
     
  9. Malcolm R

    Malcolm R Executive Producer

    Joined:
    Feb 8, 2002
    Messages:
    13,087
    Likes Received:
    769
    Real Name:
    Malcolm
     
  10. Jeff R.

    Jeff R. Stunt Coordinator

    Joined:
    May 31, 1999
    Messages:
    175
    Likes Received:
    0
    One thing I noticed about the account login on Ebay is that it is not a secure login by default. If you want to use the secure login, you have to click on the tiny "secure sign in" button in the corner. I would guess that most people use the default unsecure login which anyone sniffing packets would be able to capture the login names and passwords.
     
  11. Vince Maskeeper

    Vince Maskeeper Producer

    Joined:
    Jan 18, 1999
    Messages:
    6,499
    Likes Received:
    0
    Malcom.

    Did that "forgot your password?" emailactually point to a real ebay server? I have gotten dozens of emails nearly identical to that which pointed to faked ebay servers (ebay.password.x.com)-- used by hackers to get unsuspecting people to type in what they "think" their old password was...

    -Vince
     
  12. Malcolm R

    Malcolm R Executive Producer

    Joined:
    Feb 8, 2002
    Messages:
    13,087
    Likes Received:
    769
    Real Name:
    Malcolm
    Vince,

    It seemed legitimate to me, but I don't know if I'd recognize a fake one.
     
  13. Danny R

    Danny R Supporting Actor

    Joined:
    May 23, 2000
    Messages:
    871
    Likes Received:
    0
    It is also possible that someone is "sniffing" your password from the network along the way.

    Always best to use the secure login on ebay rather than the standard one. Why ebay doesn't offer ONLY that choice is beyond me.
     
  14. Scott Merryfield

    Scott Merryfield Executive Producer

    Joined:
    Dec 16, 1998
    Messages:
    12,072
    Likes Received:
    927
    Location:
    Michigan
    Patrick,

    Another way to combat a possible Trojan horse program that may be running on your PC and capturing keystrokes is to run firewall software to block the transmission of info from one of these programs. ZoneAlarm is free and works quite well. Anytime a new application attempts to use my Internet connection, ZoneAlarm alerts me and asks for permission before allowing the connection.

    If you have cable modem Internet service, some sort of firewall protection is a must, and it probably wouldn't hurt for dial-up use, either.
     
  15. Patrick Sun

    Patrick Sun Moderator
    Moderator

    Joined:
    Jun 30, 1999
    Messages:
    38,722
    Likes Received:
    463
    I've been using ZoneAlarm for over a year now. I'm pretty careful to "okay" the sites that ZoneAlarm flags me for permission to allow connectivity into my PC. I'm really perplexed by all of this.

    I did update my AdAware installation, did a deep scan, it came up a popular PTP-sharing application entries, and a lot of double-click cookies. I had AdAware remove them all.

    I also use Norton Antivirus, and it does a daily scan, and I do the Live Updates regularly.
     
  16. KyleS

    KyleS Screenwriter

    Joined:
    Jul 24, 2000
    Messages:
    1,232
    Likes Received:
    0
    Damn you sure are un-lucky Patrick I remember the last time you got your password hacked and that didnt seem too long ago. Best of luck getting this taken care of.

    KyleS
     
  17. TonyD

    TonyD Who do we think I am?
    Supporter

    Joined:
    Dec 1, 1999
    Messages:
    17,302
    Likes Received:
    474
    Location:
    Disney World and Universal Florida
    Real Name:
    Tony D.
    patrick i received this email a little while ago. it seems this person is scamming people with lap top sales on ebay. maybe it is connected to your situation somehow.
    >
    >
    > Hello,
    >
    > Records indicate that you were involved in a transaction with
    > "electro_depot" on eBay. "electro_depot" is being investigated for its
    > business practices by several federal and local agencies. To date, over a
    > hundred people have lost over $300,000 in this and related cases of
    > fraudulent laptop sales on eBay. Many people who have lost money in
    > transactions with "electro_depot" have combined their collective efforts and
    > are currently working together to get refunds for their losses and see
    > that justice is served on the perpetrators of this scam.
    >
    > Was your experience with this eBay seller a positive or a negative one?
    > Does "electro_depot" still owe you a computer or a refund check?
    > Do you have a story you'd like to share about your transaction with
    > "electro_depot?" Please reply to [email protected]
    >
    > If would like further information, or if you have any questions or concerns
    > please see http://www.techsurplusvictim.com/ or
    > http://www.electrodepotsucks.com
    >
    > Thank you for your time. This is a one-time email and we
    > will not contact
    > you again.
    >
    > --
    > Miles Duffy
    > Scam Victim
     
  18. Anders Englund

    Anders Englund Second Unit

    Joined:
    Jun 29, 1999
    Messages:
    426
    Likes Received:
    0
     

Share This Page