Welcome to our site!

Electro Tech is an online community (with over 170,000 members) who enjoy talking about and building electronic circuits, projects and gadgets. To participate you need to register. Registration is free. Click here to register now.

  • Welcome to our site! Electro Tech is an online community (with over 170,000 members) who enjoy talking about and building electronic circuits, projects and gadgets. To participate you need to register. Registration is free. Click here to register now.

Major Ebay warning

Status
Not open for further replies.

picbits

Well-Known Member
This is not a hoax. I've just tried this and found its true. Do not whatever you do log into ebay after clicking on the link.

Search for item number: 360180477987 on Ebay without logging in.

look at your Address bar and you will see it change from:

**broken link removed**

to a spoofed Address:

Hymer b 614 2004 RHD Motorhome Camper Caravan Campervan on eBay (end time 19-Aug-09 13:29:50 BST)

Obviously this is to harvest your Ebay and Paypal passwords and can be done on ANY listing. So when you click on a listing make sure the Address doesn't change in the toolbar ;)

I've tried it myself. I logged onto Ebay and let it remember me. Every auction I went to it remembered me.

Now I clicked on the top link and after a few seconds it redirected me to what seems to be a spoof site but it hadn't remembered my login details. If I tried to watch the item or do anything it would have asked me for my username and password again ......

Be warned. I've not investigated it much but it does seem like a pretty decent way to scam people.

Before signing in, always check the URL at the top of the screen.
 

Hero999

Banned
It's known as phishing, you receive an email saying you've won something and when you click on the link it just directys you to a fake eBay page where you enter your card details and they sell them to fraudsters to make money.

This subject gets raised every month, there should be a sticky somewhere in the forum.

Just enter a load of false information to annoy them.
 
Last edited:

picbits

Well-Known Member
No - this is different.

The first link is to a legitimate ebay auction on the official ebay site.

After a few seconds this page redirects to what could be (but I'm not certain) a phising site.

The two pages are identical but it opens up a whole can of worms for Ebay users as if you don't notice the URL change and page refresh, you might end up putting your username and password back in.

I repeat - the first link is to a legitimate Ebay auction on Ebay and you go to the Ebay page but then get automatically redirected.

Try it - watch the URLs change .......
 

Hero999

Banned
I see what you mean, this really is bad, I wonder how they do it.

Disabling scripting blocks it though.
 
Last edited:

Hero999

Banned
Yes, they need to do something: people shouldn't be allowed to have scripts on their eBay pages.
 

picbits

Well-Known Member
They have been made aware of it.

How long they will take to rectify the problem though is anybodys guess.
 
Last edited:

Mikebits

Well-Known Member
You mean that Ebay allows users to add scripts to the site? That is scary...
 

bryan1

Well-Known Member
I got caught by something similar to this a few years ago on ebay. I apparently won an auction for a 5kva genset, sent my money off and never even got a reply let alone the genset. I alerted ebay and they completely washed there hands saying it wasnt a ebay site. Here in Oz ebay isnt even listed in the phone book and I couldn't find a phone number to call them. I even went to the police and they said they couldnt do a thing, go figure....After that I canceled my ebay and not long ago I started a new one to sell some stuff.

These days I give ebay a wide berth as 99% of the things are just plain crap
 

Hero999

Banned
There are script blocking extensions for Firefox so you can prevent scripts executing on sites you don't trust. I think I'll download it and disable scripts, for eBay, Paypal and other sites which could be abused in this manner.
 
Last edited:

mneary

New Member
In Firefox/Tools/Options/Advanced/ check "Warn me when sites try to redirect or reload the page".
 

Hero999

Banned
Good idea, that should be set by default.
 
Status
Not open for further replies.

Latest threads

EE World Online Articles

Loading
Top