Ebay Hacked?

jvrlopez · September 2013

No, not the site entirely.

I got a text today from my aunt asking me to look into her account due to some suspicious activity on it.

Apparently her account had been sending out messages to sellers in re: their items for over a month.

The context of the messages usually included some blurb about being in need of an urgent gift and in a certain amount. It also proposed, in ₤, a monetary value for the item to be purchased.

If the seller did respond agreeing to the proposal (the formatting, wording, and grammar gave strong indicators of spam, so most went unanswered), my aunt's account would ask to have the item sent first to an address overseas via COD (meaning they'd pay for it when received). Since this reeks of scam, I'm sure nothing was actually sent and no messages were received to indicate anything was ever sent or went unpaid.

Most of the messages were sent to sellers' listing of high end cell phones and jewelery.

The individual sending the messages even included their personal email in some of the conversations.

My aunt has not noticed anything suspicious on her any of her other accounts, any fraudulent charges on her ebay, paypal, or credit cards. I went ahead and had her change her passwords on her accounts accordingly.

So to me it looks like someone was using her ebay account to send messages and conduct activity in a manner that could not be traced to them (at least not as fast as if they had used an ebay account of their own).

Anyone see or heard of anything like this? Open source research on a few of the message's bodies, the email address, and type activity haven't really turned up anything.

If the activity continues after the password change, I'm just going to have the account closed.

Thanks!

~J

MSP-IT · September 2013

I received and email from eBay directly saying that my password had been changed because of "suspicious activity" and "unwarranted solicitation" roughly 3 months ago. I never received prior communication from them and haven't since. I looked into it and couldn't find any trace of it on my account. I verified that it was indeed from eBay.

--chris-- · September 2013

Sounds like another form of the same old thing. They phished (or obtained somehow) her info and now they are using her account with good standing/positive ratings to try and lure anyone into a scam. My paypal info was obtained somehow not too many months ago, they moved all the money I had in there to a GE bank account. Paypal obviously stopped all of it before I even knew it happened, and fixed it right as rain....but I had a pretty long complex password and a unique username. It was obviously picked up by a keylogger (my guess) on a computer I used somewhere.

J_86 · September 2013

MSP-IT wrote: »

I received and email from eBay directly saying that my password had been changed because of "suspicious activity" and "unwarranted solicitation" roughly 3 months ago. I never received prior communication from them and haven't since. I looked into it and couldn't find any trace of it on my account. I verified that it was indeed from eBay.

Yeah, I received the same thing but it was a long time ago (year I think). I've only used eBay a few times, didn't find anything wrong with my account or suspicious activity. I wonder what triggers these suspicious activity email alerts from eBay?

petedude · September 2013

--chris-- wrote: »

Sounds like another form of the same old thing. They phished (or obtained somehow) her info and now they are using her account with good standing/positive ratings to try and lure anyone into a scam. My paypal info was obtained somehow not too many months ago, they moved all the money I had in there to a GE bank account. Paypal obviously stopped all of it before I even knew it happened, and fixed it right as rain....but I had a pretty long complex password and a unique username. It was obviously picked up by a keylogger (my guess) on a computer I used somewhere.

Watch those internet cafe PCs. I had an issue with with a FedEx PC like that once. I am very wary of those PCs now.

--chris-- · September 2013

petedude wrote: »

Watch those internet cafe PCs. I had an issue with with a FedEx PC like that once. I am very wary of those PCs now.

Worse yet, I don't recall using any PC aside from my normal ones (work & home) during that time. I wiped/installed everything when I got home that day. This is why I don't do banking on anything other than my home PC that gets wiped every couple of weeks for some reason or another. Its not 100% safe, but its better than a PC that's been "exposed" for months or years.

Crikey · September 2013

--chris-- wrote: »

This is why I don't do banking on anything other than my home PC

Same here. No phone or tablet, definitely not on any public wireless at all.

CoolAsAFan · September 2013

For those weary about using public wifi, you should look into using a VPN. Don't want a third party VPN you say? Roll your own to use your homes internet connection. This way hackers can't read any plain text sent over the public wifi with packet sniffers because everything will be encrypted. This is very easy to accomplish and there are plenty of guides out there!

Also, I would NEVER use a public pc/laptop for tasks involving sensitive information, unless I could change the boot options and boot my own OS from USB. Happy secure browsing!

MentholMoose · September 2013

--chris-- wrote: »

My paypal info was obtained somehow not too many months ago, they moved all the money I had in there to a GE bank account.

If you use PayPal much you might want to setup two-factor authentication. You can buy a physical security token ($30) or use 2FA based on SMS (free) or the Symantec VIP Access app (also free). It's not guaranteed to keep you completely safe, but 2FA will most likely prevent this from happening.

Ebay Hacked?

Comments