The Breitling Watch Source Forums https://www.breitlingsource.com/phpBB2/ |
Ebay Fraud https://www.breitlingsource.com/phpBB2/viewtopic.php?f=10&t=37224 |
Page 1 of 1 |
Author: | Raffe [ Sat Feb 11, 2012 5:32 pm ] |
Post subject: | Ebay Fraud |
Hi all, I discovered an interesting Ebay fraud today. Check out auction number 220952042307 for a Rolex Deepsea. When the auction loads, the website loads again after about one second and displays a faked Ebay page. Firstly, the Ebay ID of the seller changes from 'ncw-s' to 'now-s', the script also adds a fake 'Buy it now' button (in German 'Sofort Kaufen') and it also removes some stuff from the page. Some of the links have been manipulated, too (try clicking on the seller's name or sales credits). When clicking on the 'Sofort Kaufen' button, it opens a new pop-up asking for contact details as the seller needs to approve bidders (how stupid is that suggestion?).

The script is started by an embedded code in the article description area, it refers to an external website (http://dayvan.org/de/rolex/grupfpzzoq4w ... 0631725043), the code is even documented. I only have limited programming knowledge, but thanks to the documentation I would probably be able to adjust the script to another auction.

I have never seen anything like this before, this opens a whole new world of possibilities for fraudsters - when you think you are on Ebay you might actually be somewhere else. Imagine the possibilities to defraud innocent shoppers: if I were the fraudster I wouldn't ask shoppers to register their email for a bid-approval but would try to get my hands on their paypal passwords.

I have notified Ebay through the online chat, but the customer rep wasn't too impressed and thought their specialists would look at the auction within the next 24 to 48 hours. Great. I have also contacted the account owner (who I think is not involved, probably victim of phishing) and he has stopped the auction. So what you see now is the stopped auction, but the script is still active. Scary, isn't it?

Raffe |
Author: | spicymango [ Sat Feb 11, 2012 10:31 pm ] |
Post subject: | Re: Ebay Fraud |
Wow very interesting. Scary indeed. Nice find. Can never be too cautious about sellers on the bay |
Author: | Twotone540 [ Sun Feb 12, 2012 5:17 am ] |
Post subject: | Re: Ebay Fraud |
spicymango wrote: Wow very interesting. Scary indeed. Nice find. Can never be too cautious about sellers on the bay

This is why I have only bought once from E-bay. Too scary...Too many crooks on there |
Author: | F14D_Tomcat [ Sun Feb 12, 2012 9:17 am ] |
Post subject: | Re: Ebay Fraud |
Twotone540 wrote: This is why I have only bought once from E-bay. Too scary...Too many crooks on there

Totally with you on this one. Never use it for important amounts. |
Author: | Sharkmouth [ Mon Feb 13, 2012 1:58 am ] |
Post subject: | Re: Ebay Fraud |
Listing has gone now. It's frightening how casual the reaction of eBay was. |
Author: | Raffe [ Mon Feb 13, 2012 2:29 am ] |
Post subject: | Re: Ebay Fraud |
I spoke to an Internet security expert over the weekend. They have alerted Ebay to a similar security loophole already in 2008 and as of today it is still unresolved. See the details here: http://www.falle-internet.de/de/html/pr_exme_engl.php |
Author: | F14D_Tomcat [ Mon Feb 13, 2012 4:51 am ] |
Post subject: | Re: Ebay Fraud |
Sharkmouth wrote: Listing has gone now. It's frightening how casual the reaction of eBay was.

What did you expect Sharkie? Resolving a serious issue like this takes time. And, of course, money.

Sent from my Galaxy SII using Tapatalk |
Author: | wrangler [ Mon Feb 13, 2012 11:16 am ] |
Post subject: | Re: Ebay Fraud |
I can't try it, since it's gone now, but I'm curious if it would have worked with Firefox and NoScript, which I use, to prevent just this sort of thing. |
Author: | Raffe [ Mon Feb 13, 2012 11:25 am ] |
Post subject: | Re: Ebay Fraud |
I tried with several browsers, and they all fell for it. NoScript did work to block it, just as ScriptNot for Chrome, but then you are lacking a lot of functionality on Ebay (e.g. the photo viewer, which runs on Java). |
Author: | wrangler [ Mon Feb 13, 2012 11:37 am ] |
Post subject: | Re: Ebay Fraud |
But with NoScript you can selectively enable by domain. Wouldn't that take care of it? |
Author: | Raffe [ Mon Feb 13, 2012 11:42 am ] |
Post subject: | Re: Ebay Fraud |
Sure. I have been using it now for two days with Ebay set to "no scripts". However, I cannot browse through photos anymore unless the seller has them in the item description (via photobucket or similar). The small Ebay gallery doesn't work anymore. I am also not able to bookmark items for my watchlist as that button is Java, too. Haven't tried to bid on an item, but wouldn't be surprised if that required Java as well. So I don't think it's a great alternative to just disable scripts. We just need to be VERY careful... |
Author: | F14D_Tomcat [ Mon Feb 13, 2012 11:48 am ] |
Post subject: | Re: Ebay Fraud |
Raffe wrote: So I don't think it's a great alternative to just disable scripts. We just need to be VERY careful...

+1 |
Author: | wrangler [ Mon Feb 13, 2012 12:00 pm ] |
Post subject: | Re: Ebay Fraud |
Raffe wrote: Sure. I have been using it now for two days with Ebay set to "no scripts". However, I cannot browse through photos anymore unless the seller has them in the item description (via photobucket or similar). The small Ebay gallery doesn't work anymore. I am also not able to bookmark items for my watchlist as that button is Java, too. Haven't tried to bid on an item, but wouldn't be surprised if that required Java as well. So I don't think it's a great alternative to just disable scripts. We just need to be VERY careful...

I believe the domains I enabled were ebay.com, ebaystatic.com and ebayrtm.com, and I use the photos normally, both with and without the window for enlarged pictures, and add items to my watch list often. Other domains should be blocked. |
Author: | Raffe [ Mon Feb 13, 2012 12:04 pm ] |
Post subject: | Re: Ebay Fraud |
Sure. But the script was on Ebay's server, so it would execute neatly with your configuration... |
Author: | wrangler [ Mon Feb 13, 2012 12:20 pm ] |
Post subject: | Re: Ebay Fraud |
Thanks. That's what I wanted to know. |
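An added illustration, not part of the forum thread and not eBay's code: a scanner for user-supplied listing descriptions that flags script-capable markup. It shows the point of the last exchange: a host allowlist can judge a `<script src>`, but inline code and event handlers carry no host and run as the hosting page. The sample markup and `static.example.net` are constructed; the allowlist is the three domains named in the thread.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts a per-domain script allowlist might trust (the three named in the thread).
ALLOWED_HOSTS = {"ebay.com", "ebaystatic.com", "ebayrtm.com"}


def host_allowed(url, allowed=ALLOWED_HOSTS):
    """True if the URL's host is an allowed domain or a subdomain of one."""
    host = (urlparse(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in allowed)


class ActiveContentScanner(HTMLParser):
    """Collects (kind, detail) findings for script-capable markup."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = {k.lower(): (v or "") for k, v in attrs}
        if tag == "script":
            src = attrs.get("src", "").strip()
            if not src:
                # Inline code has no host to check: it runs as the hosting page.
                self.findings.append(("inline-script", "runs as the hosting page"))
            elif not host_allowed(src):
                # Relative URLs have no host and are conservatively flagged too.
                self.findings.append(("unlisted-script-src", src))
        for name, value in attrs.items():
            if name.startswith("on"):
                self.findings.append(("event-handler", f"{tag}[{name}]"))
            elif name in ("href", "src") and value.strip().lower().startswith("javascript:"):
                self.findings.append(("script-url", f"{tag}[{name}]"))


def scan_description(html):
    """Return the list of findings for one description fragment."""
    scanner = ActiveContentScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample description (not the markup from the auction in the thread).
SAMPLE = """<p>Rolex Deepsea, box and papers.</p>
<img src="https://i.ebaystatic.com/watch.jpg" onload="resize()">
<script src="https://static.example.net/listing.js"></script>
<script>/* inline loader body omitted */</script>"""
```

For a marketplace, any finding is grounds to strip the markup or hold the listing, since a description needs no script at all.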
All times are UTC - 8 hours |