ebay account hijacking - how's it done these days? - HotUKDeals
ebay account hijacking - how's it done these days?

Posted by Johnmcl7 1 decade, 5 months ago
I realise there are the ebay community forums but I've seen some excellent advice here recently, particularly from dinostevus of course.

Around various forums I've seen increased claims of people having their ebay account hijacked, is there something new out there which can get account details? I've received an e-mail from someone who has had their ebay account hijacked and has apparently come up clean in a spyware check and hasn't responded to any dodgy e-mails. Is there particular spyware which now records ebay account details and sends it on which I should be looking for when I'm on the PC myself? Is there any other way aside from phishing where someone could have stolen account details?

Thanks for any help,
John
#1
Johnmcl7
I realise there are the ebay community forums but I've seen some excellent advice here recently, particularly from dinostevus of course.

Around various forums I've seen increased claims of people having their ebay account hijacked, is there something new out there which can get account details? I've received an e-mail from someone who has had their ebay account hijacked and has apparently come up clean in a spyware check and hasn't responded to any dodgy e-mails. Is there particular spyware which now records ebay account details and sends it on which I should be looking for when I'm on the PC myself? Is there any other way aside from phishing where someone could have stolen account details?

Thanks for any help,
John

Would he know if he responded to dodgy E-Mails if he didn't know they were dodgy (if you get what I mean).
There was a news post a while back about eBay servers that had been compromised and account details that had been taken, that may be where it's from.
Also, who was this 'person'? someone you know or someone you bought from/sold to?
There is nothing that I'm aware of that specifically targets eBay accounts, but it is always good to be vigilant and run your Spyware/Adware programs.
X10
#2
The account was hijacked over the last couple of days, so would that rule out the possibility of compromised ebay servers?

Thanks for the information, that's the sort of item I'm looking for.

John
#3
Johnmcl7
The account was hijacked over the last couple of days, so would that rule out the possibility of compromised ebay servers?...
They could have had the details ages ago and only recently decided to hijack it, you just don't know when they got these details.

The other problem is that very few companies will openly come forward with details that they have been compromised, it's very rare, so this could have been another security breach but you just don't know about it.

The problem is as I was saying in another thread today that there are plenty of ways to be secure but it depends on how much time and how much worth you put into them versus the ease of use you want.
You could change your password each week for each account, run Spyware programs before you log in to any online accounts, but is it worth your time?

X10
#4
While I appreciate it's impossible to entirely prevent this happening, since it has happened on a machine with a seemingly up to date firewall (software and hardware), antivirus and anti-spyware I need to know how the machine was possibly compromised.

John
#5
Johnmcl7
While I appreciate it's impossible to entirely prevent this happening, since it has happened on a machine with a seemingly up to date firewall (software and hardware), antivirus and anti-spyware I need to know how the machine was possibly compromised.
John


If you believe that the machine in question was fully secure (you still haven't said exactly whose machine this was), then it wouldn't appear in any logs.

One possibility is this:
Before the latest updates and patches were applied someone used an exploit to put some form of Spyware or exploit on. Unfortunately the programs can be mostly behind the people using the exploits because the exploit has to be known first, and this only happens if someone who knows about it alerts the appropriate people (which can be after it's been used by nefarious types).
However, if you say that after the machine was compromised it was scanned and had no Spyware et al on it, then either there was none in the first place or the person that put it on removed it. The latter is very unlikely but not improbable.

I think this is more a case of external factors, as I mentioned in an earlier post.

But you haven't really said much about the machine that was compromised, whose it was etc. so it's difficult to make a fair assessment.

If you are just worried about your own machine, then I think you are doing all the right things. Spyware & Firewall up to date is a good precautionary step. Also, have a read of the Safety pages of the websites with which you hold sensitive/important data (Bank/eBay/PayPal etc.) they all have information about keeping your details safe and electronic communication they will and won't use to contact you.

I hope that helps

X10
#6
I've had one of my selling accounts hijacked and I never ever click on a link. It was a right PITA to sort out but only 1 person got scammed. I refunded him out of my own pocket. The Hijacker put Nochex on the listings and removed Paypal. I couldn't use that account for 48 hrs and I had to transfer everything to one of my other ID's.
According to ebay the scammers use a programme that tries thousands of passwords for your account.
#7
Yesterday elsewhere we had a very interesting discussion about trojans, etc. It looks like not all antivirus software can block it. The worst one was Norton (both retail and corporate editions). We tested AVG, Avast, McAfee, PC-cillin, NOD32, Norton/Symantec, Antivir and Kaspersky. Antivir found 2 out of 3 viruses, AVG, Avast, NOD32 and Kaspersky found all 3. McAfee found 1. Norton - nil...

Do you want to test your protection? http://netlab.e2k.ru/forum/html/emoticons/newest/devil_2.gif
#8
dinosteveus
I've had one of my selling accounts hijacked and I never ever click on a link. It was a right PITA to sort out but only 1 person got scammed. I refunded him out of my own pocket. The Hijacker put Nochex on the listings and removed Paypal. I couldn't use that account for 48 hrs and I had to transfer everything to one of my other ID's.
According to ebay the scammers use a programme that tries thousands of passwords for your account.
Brute-Forcing a website - surely they would have some protection in place for that, I mean, this is eBay..........oh yeah, eBay :roll:

EDIT:
Just thought about l0pht and Brute Forcing, one of the best passwords to create is using symbols e.g. :@~<>?}{+_)(*&^%$£"!, letters and numbers, typically with the symbols at the beginning and end.
I'm not sure about today's most up to date Brute Force cracking programs, but in the last few years and before they all seemed to take a very very long time to crack if you used symbols at the beginning of a password.

Kommunist
Yesterday elsewhere we had a very interesting discussion about trojans, etc. It looks like not all antivirus software can block it. The worst one was Norton (both retail and corporate editions). We tested AVG, Avast, McAfee, PC-cillin, NOD32, Norton/Symantec, Antivir and Kaspersky. Antivir found 2 out of 3 viruses, AVG, Avast, NOD32 and Kaspersky found all 3. McAfee found 1. Norton - nil...

Do you want to test your protection? http://netlab.e2k.ru/forum/html/emoticons/newest/devil_2.gif

I've always used Kaspersky, but then I know what I'm doing most of the time (I can't know what I don't know after all).
#9
dinosteveus
According to ebay the scammers use a programme that tries thousands of passwords for your account.


So if they decide to target your account, regularly changing your password would be pointless?
#10

Er.. like this: еВау? :) You might need to select Cyrillic to see it properly.
#11
palspal
So if they decide to target your account, regularly changing your password would be pointless?

Well, not necessarily, when they try a password and it's not the correct one, it goes on a list of already tried passwords.
Now let's say you changed it to a password that the 'hijackers' have already tried, then they will not get in, because they won't go back and try it again.

And if eBay are aware of this problem and are not doing anything about it then....well, once again chalk one up for eBay being too big for its boots again.

X10
#12
Kommunist

Er.. like this: еВау? :) You might need to select Cyrillic to see it properly.


I selected View -> Character Encoding -> Cyrillic (IBM-855) (In Firefox 1.5.0.7)
But nothing happened :(
X10
#13
X10
Well, not necessarily, when they try a password and it's not the correct one, it goes on a list of already tried passwords.
Now let's say you changed it to a password that the 'hijackers' have already tried, then they will not get in, because they won't go back and try it again.

And if eBay are aware of this problem and are not doing anything about it then....well, once again chalk one up for eBay being too big for its boots again.

X10


Thanks. I'll continue changing my password once a month.
#14
X10
I selected View -> Character Encoding -> Cyrillic (IBM-855) (In Firefox 1.5.0.7)
But nothing happened :(
X10

You should select Cyrillic->Windows 1251
#15
I did. Still nothing :'(
X10
#16
Strange. I do see еВау (as eBay) when I use my Russian settings.
#17
Can you post a pic for what you see?
Would be nice to know, and also it looks unlikely that I'll see it.
X10
#18
When I type:
"I do see [COLOR=DarkOrchid]еВау[/COLOR] (as [COLOR=DarkOliveGreen]eBay[/COLOR])",
I see two words "eBay". The first one (in blue) is in Cyrillic, but I have to type 'tDfe' to make it.
#19
Bizarre, I just see eBay, and nothing more, I feel deprived :'(
X10
#20
Never mind :)
Here is еВау in Cyrillic. Do you see the word in blue? How does it look for you (don't copy/paste, just type it).
#21
I see eBay in blue
lol
#22
steffcip
I see eBay in blue
lol


Yup, same here, I just see "eBay" in Blue.
#23
The eBay in blue is in Cyrillic and not the same as if I just type eBay in Latin. So, if I type (again, the words in blue are in Cyrillic, apart from 'uk') http://еВау.со.uk and make a link out of it, then if you click it, you won't go to the proper eBay site. You can try to copy it to your address bar and see for yourself. But would you be able to distinguish the two if I wouldn't tell you? :)
So, someone can create an ebay-looking webpage and send you an email asking you to enter your details.
In my example, things are pretty clear (once you copy it to browser), but there are ways to make it look legitimate.
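The lookalike-address trick described in the post above can be checked mechanically. This is an added example, not part of the original post: it reports which script each label of a hostname uses, the `xn--` form that is actually resolved, and whether the label imitates a watched brand. The lookalike table, the `PROTECTED` list and all function names are assumptions made for the illustration.

```python
import unicodedata

# Constructed, deliberately small Cyrillic-to-Latin lookalike table (an
# assumption for this example; real confusables data is much larger).
LOOKALIKES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0441": "c",
    "\u0440": "p", "\u0443": "y", "\u0445": "x", "\u0412": "B",
}
PROTECTED = {"ebay"}  # hypothetical watch list of brand labels

# The thread's spoofed host, rebuilt from code points: Cyrillic "eBay.co" + Latin "uk".
SPOOFED = "\u0435\u0412\u0430\u0443.\u0441\u043e.uk"


def scripts(label):
    """Scripts used by the letters of one DNS label, from Unicode names."""
    # Names begin with the script, e.g. "CYRILLIC SMALL LETTER IE".
    return sorted({unicodedata.name(ch).split()[0] for ch in label if ch.isalpha()})


def skeleton(label):
    """Fold known lookalikes to Latin so spoofs compare equal to the brand."""
    return "".join(LOOKALIKES.get(ch, ch) for ch in label).lower()


def inspect_host(host):
    """Per-label report: scripts, resolved ASCII form, and brand it imitates."""
    report = []
    for label in host.split("."):
        skel = skeleton(label)
        imitates = skel if skel in PROTECTED and label.lower() != skel else None
        report.append({
            "label": label,
            "scripts": scripts(label),
            # Python's built-in IDNA codec yields the xn-- form DNS resolves.
            "ascii": label.encode("idna").decode("ascii"),
            "imitates": imitates,
        })
    return report


def is_suspicious(host):
    """Flag a host if any label mixes scripts or imitates a protected brand."""
    return any(len(r["scripts"]) > 1 or r["imitates"] for r in inspect_host(host))


if __name__ == "__main__":
    for row in inspect_host(SPOOFED):
        print(row)
    print("suspicious:", is_suspicious(SPOOFED), is_suspicious("ebay.co.uk"))
```

The `ascii` column is the useful one when reading mail headers or proxy logs: the genuine site never appears there with an `xn--` prefix.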
#24
It's almost always phishing. There are of course cases of guessing programs but the combinations and number of attempts allowed etc. are insanely hard to get past.

There's also cases of people using the same e-mail and password on ebay as they do elsewhere and someone setting up offers/forums etc to garner details and simply checking them all against ebay.

And there's trojans and other actual computer hijacks/attacks. As I mentioned in some other thread though if someone has done this and all they used it for was to mess with your Ebay account then I'd suggest sending them a thank you letter :)
#25
Kommunist
The eBay in blue is in Cyrillic and not the same as if I just type eBay in Latin. So, if I type (again, the words in blue are in Cyrillic, apart from 'uk') http://еВау.со.uk and make a link out of it, then if you click it, you won't go to the proper eBay site. You can try to copy it to your address bar and see for yourself. But would you be able to distinguish the two if I wouldn't tell you? :)
So, someone can create an ebay-looking webpage and send you an email asking you to enter your details.
In my example, things are pretty clear (once you copy it to browser), but there are ways to make it look legitimate.


Yup, I get one or two of those a month in my Hotmail account. They should be the easiest ones to see through.
X10
#26
Artemis
It's almost always phishing. There are of course cases of guessing programs but the combinations and number of attempts allowed etc. are insanely hard to get past.

If eBay are using it as a reason for their hijacked accounts then (like I said before), they're not doing much to combat the problem.

Artemis
There's also cases of people using the same e-mail and password on ebay as they do elsewhere and someone setting up offers/forums etc to garner details and simply checking them all against ebay.

Yup.

Artemis
And there's trojans and other actual computer hijacks/attacks. As I mentioned in some other thread though if someone has done this and all they used it for was to mess with your Ebay account then I'd suggest sending them a thank you letter :)

LoL, we should thank them for only taking advantage of our eBay account while bringing our poor Password practices to light.
X10
