strange happenings at eBay.
Big worries this week. One of the team got an email from eBay with a request to pay for an item…Just one problem – they didn’t actually bid on, hadn’t purchased and didn’t desire a “genuine copy of Windows XP SP3.”
So this was a scam. They didn’t click on the link, and haven’t had their account wiped through a phishing attack. You can’t pull the wool over that pair of eyes (well, at least not very much). He logged into eBay directly and checked. He had indeed purchased a genuine copy of Windows XP SP3.
Scouring the site he finally came across a menu option to flag the transaction as fraudulent. An automated email from eBay informed him that it takes fraud very seriously and would respond within 24 hours. He did indeed receive a response within 24 hours – an automated response informing him that his eBay account had been compromised, and advising him that he should change my password immediately.
Oh my God. How did that happen? He quickly changed his eBay password and went onto PayPal, just in case the hacker had got that too.
PayPal was pretty useless – given the level of fraud it is open to. PayPal makes it extremely difficult for users to change their passwords – no easy to find “reset password” button. After PayPal he also changed a few other accounts just to be on the safe side.
At home he logged into his PC and ran a full F Secure online scan (btw, this is an extremely good free online malicious code scanner), then updated and ran Microsoft Security Essentials – neither found anything serious.
Is eBay still investigating the fraud? He received an automated response and potentially wasted ages resetting passwords and scanning for viruses but hasn’t had any contact with an update as yet…
maillotjaunepr
