Retailers call for legislation to fight organized theft

U.S retailers lose about $30 million a year to organized theft, much of what is later sold on internet auction sites such as Ebay.

Retailers have called upon the U.S. Congress for legislation to combat this growing problem. Specifically, retailers have asked Congress to require online auction sites such as eBay to post the serial numbers of items for sale and to provide more information about high volume sellers.

"Operators of sites such as eBay have historically failed to provide any meaningful information to retail investigators," said Karl Langhorst, director of loss prevention for Randall's and Tom Thumb stores.

Robert Chesnut, SVP of rules, trust and safety at eBay, said it was reasonable "to think about what we could do about high-volume sellers."

It is not known if or how soon legislation is pending.

eBay employee 'torpedos' fraud trial

The trial of a UK man suspected of defrauding eBay users was scuttled after an employee for the online auction house abruptly left the island before offering key testimony.

According to the Herald Express, eBay employee Kevin Morgan arrived in Exeter on Sunday, but left on Wednesday morning before taking the stand because he was fed up with the wait.

"The trial has effectively been torpedoed by his leaving the country," prosecutor Martin Kenny said. "I would have thought eBay would have been keen to give evidence to allow the court to get to the bottom of this case."

source article - The Register

UK's eBay users scammed

LONDON, Oct. 21 Investigators in England uncovered fraudulent auctions on eBay resulting in large-scale scams targeting British users.

EBay users are being deceived into giving private e-mail accounts and other secure information by responding to fraudulent e-mails supposedly from the auction site.

Authorities tracked more than 30 cases to a German-based computer and bank account used in the swindle, The Sunday Times of London reported.

source

Conmen hijack eBay user identities

FOREIGN criminals are stealing the credentials of British users of the internet auction site eBay to perpetrate large-scale fraud.

An investigation has identified one German-based fraudster who hijacked more than 30 accounts and used them to fleece UK car buyers.

It comes as increasing numbers of eBay users report concerns about trading on the site.

Figures from the government-funded Consumer Direct advice line show that calls expressing concern about eBay transactions are averaging 22 a day.

article here

Fiendish Trojan pickpockets eBay users

Dan Goodin
The Register

Miscreants have unleashed a new strain of a sophisticated Trojan that targets eBay users by feeding them spoofed web pages containing fraudulent information about high-ticket purchases, The Register has learned. It has already contributed to an $8,600 loss by one eBay member.

The Trojan installs a scaled-down webserver on an infected machine that masquerades as eBay and several third-party destinations frequently used to sniff out fraudulent offerings, including Carfax.com, Autocheck.com and Escrow.com.

When a victim browses to one of these sites, the webserver creates a parallel universe of sorts, in which the victim sees counterfeit pages designed to counter fraud protection mechanisms offered by eBay and third-party sites.

source article

Phishers ease up on eBay, Paypal but move on to other sites

MANILA, Philippines -- The good news: Hackers have eased on phishing activities targeted at eBay and PayPal users. The bad news: They're looking for lesser-known websites to victimize.

Phishing is an attempt to criminally acquire sensitive user information on the Internet.

Data from antivirus firm Sophos shows 21 percent of total phishing email detected by its SophosLabs in September pretended to come from PayPal or its parent firm eBay. These are normally “spoof” or bogus email that trick users into giving their account details. Sophos said this was a “dramatic” reduction from a year ago, when 85 percent of these bogus messages claimed to be from eBay or PayPal.

source article

Undercover cop helps bust eBay scam (UK)

An undercover police officer posed as a postie to catch fraudsters using a house in Luton to receive mobile telephones won on eBay, after conning sellers into believing they had paid for them.

Temitope Otukoya, 28, and Olamrewaju Otukoya, 42, of Creswell Gardens, were both remanded in custody at Luton Magistrates' Court and will appear at Luton Crown Court next Friday.

Police discovered that fake Paypal emails were being sent out to sellers, telling them that money had been transferred into their account.
By the time they found the phones had not been paid for, the items had already been sent.

source article

Hacker breaks into eBay server, locks out users

A malicious hacker broke into an eBay server on Friday and temporarily suspended the accounts of a "very small" number of members, the company said.

"We were able to block the fraudster quickly before any permanent damage had been done. At no point did the fraudster get any access to financial information or other sensitive information," eBay spokeswoman Nichola Sharpe said via e-mail.

eBay has "secured and restored" the affected accounts and is calling the affected users, she said, without specifying how many accounts the hacker accessed and tinkered with.

complete article

Yahoo!, eBay and PayPal Join Forces to Fight E-mail Fraud and Phishing Scams

SAN JOSE and SUNNYVALE, CA, Oct. 4 /CNW/ - Yahoo!, eBay and PayPal today announced a collaborative effort to better protect consumers against fraudulent e-mails and the dangerous scams known as phishing attacks. Starting today, eBay and PayPal customers worldwide using Yahoo! Mail will have a safer e-mail experience - they will begin receiving fewer fake e-mails claiming to be sent by eBay and PayPal. Yahoo! Mail is the first Web mail service to block these types of malicious messages for eBay and PayPal through the use of DomainKeys e-mail authentication technology.


The technology upgrade will be rolled out globally over the next several weeks to all users of Yahoo! Mail.

complete press release

Chinese government server used in Paypal phishing attack

IMAGINE OUR surprise when among the dozens of phishing e-mails that arrive to our inboxes was one message that leads not to a free hosting provider but to a .GOV.CN site URL. Hackers are apparently in control of a Chinese government web server, or someone at that site is engaged in phishing Paypal accounts.

The e-mail, like many others of that ilk, told us about the need to log-in due to "suspect activity". It reads "We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address".

complete article from The Inquirer